#!/bin/bash
# Check timestamps up to 3 minutes ago
prev3=`date +"%y/%m/%d %H:%M" -d -3minute`
prev2=`date +"%y/%m/%d %H:%M" -d -2minute`
prev1=`date +"%y/%m/%d %H:%M" -d -1minute`
now=`date +"%y/%m/%d %H:%M"`
logevent="Exception"
treshold=2
# check the log file
failCount=` egrep "$prev3|$prev2|$prev1|$now" /var/log/app_logfile.log | grep $logevent | wc -l `
# 3 or more log events in previous 3-4 minutes
if [ $failCount -gt $treshold ]; then
# notify someone
echo "failCount ($failCount) exceeds treshold ($treshold)" | mail -s "Alert from ${HOSTNAME}" support@mycompany.com
fi
Log Monitoring - number of recent events exceeding treshold
This script checks a log file for a certain log event. If the number of these events in the last 3 minutes exceeds a treshold, an alert email is sent
