how do you pull info from a log and use in script? SOLVED

Here you can exchange scripts that you created or have permission to share with other users.
Message
Author
User avatar
GDixon
Posts: 51
Joined: Fri Nov 02, 2007 4:39 pm

how do you pull info from a log and use in script? SOLVED

#1 Post by GDixon »

I have the connected ot not connected to the internet portion down and it works as expected.

Now I want to use info from the freshclam log to see if it has been updated in a time frame and if so not update again and if not then continue with the update.

how can I pull the info from the freshclam log and make use of it like this?

Code: Select all

[#!/bin/bash

clear
exit=?
wget -q --tries=10 --timeout=20 -O - http://google.com > /dev/null

if        [[ $? -eq 0 ]]; then    # -eq 0 means connected

         if
                  pulled log info to see if virus database has been updated in the last few hours
                  if not then continuse with freshclam update
                  echo
                  echo -e "Internet connected updating virus database before scan\n"
                  echo >> /home/Greg/ScanLog/Clam.log
                  echo "Internet connected updating virus database before scan" >> /home/Greg/ScanLog/Clam.log
                  sleep 4; clear
                  /usr/local/bin/avscripts/avupdate/avupdate   # starts freshclam to update virus database

          else
                 log shows freshclam virus database as beiing updated in time frame
                 DO NOT continue with update

           fi
     exit

else
        echo
        echo -e "Internet disconnected running scan without updating virus database\n"
        echo >> /home/Greg/ScanLog/Clam.log
        echo "Internet disconnected running scan without updating virus database" >> /home/Greg/ScanLog/Clam.log
        
fi

   exit 

formatting went wonky , don't know why.
Last edited by GDixon on Thu Nov 06, 2014 1:35 pm, edited 2 times in total.

User avatar
Adrian
Developer
Posts: 8248
Joined: Wed Jul 12, 2006 1:42 am

Re: how do you pull info from a log and use in script?

#2 Post by Adrian »

You can obtain the date of the last database update with something like this (as root, because the log is readable only as root):

Code: Select all

grep -m1 "Database updated" /var/log/clamav/freshclam.log | cut -f1 -d"-" | xargs -d \n date +%s --date
Explanation: grep finds first "Database updated" in the log (most recent one) then it passes the date after minim processing to date and obtains the date in seconds.

Then you get the current date in seconds with

Code: Select all

date +%s
You can assign both to variables and compare variables and then if the number is < desired number of hours you run the update.

I'm not sure what's the format of clamav.log but it looks like "Database update" is a good clue if the database was updated (but if it wasn't it might mean that there's no update, not that the update failed, so that's a potential problem, I wrote this in the idea that you might find some useful clue). It might be better to just check the last modification time of the log file (but that doesn't guarantee that the upgrade was successful) in any case this would give you the last modification time in seconds that you can compare with the result of "date +%s":

Code: Select all

stat -c %Y /var/log/clamav/freshclam.log

User avatar
GDixon
Posts: 51
Joined: Fri Nov 02, 2007 4:39 pm

Re: how do you pull info from a log and use in script?

#3 Post by GDixon »

excellent now I have a good start and have an idea of what is needed to figure all this out.

Thank you.

User avatar
GDixon
Posts: 51
Joined: Fri Nov 02, 2007 4:39 pm

Re: how do you pull info from a log and use in script?

#4 Post by GDixon »

ok I made a new section and logged an update time into my /home/Greg/ScanLog/Clam.log to avoid root permision problems.
I used seconds for the update to avoid converting.
I made a time_check script to pull both the log time and system time both in seconds

The script works well and does as expected.

My question now is how do I get these into a command that will return exit 0 and exit 1 after subtracting log time from sys time then comparing this new number to -ls 10800

I would like to have a exit 0 if the diffirence is less than 10,800 seconds ( 3 hours) and not run another update and if it's greater than 10.800 exit as 1 and do the update

the following time_check script works and returns

time stamp for script use 1415221763 (pulled out of the log)

1415224718 ( pulled from the sys time date +%s )

theres a little over a 22 min diffirence so the update would NOT run.

How do I get these 4 numbers to drop into a command to subtract and then compare them and then exit with codes.

sys_time minus log_time equals diffirence_in_time is diffirence_in_time less than 10800

[ sys_time-log_time ] [ diffirnece_in_time -ls 10800 ]

Maybe something like this?

Code: Select all

#!/bin/bash

exit=?

command to see if sys time minus log time is less than 10,800 if so exits as 0

I'm sitting here lost and laughing, I suck with the math portion and have no idea how to get my 2 time values that are seconds into the equation other than manually but they are always changing of course. 
Any help out here?

echo $((${sys_time}-${log_time}))   [ new_num -ls 10800 ]

    if   [ $?  -eq 0 ]; then
   
             run update

    else
             do not run update

    fi
       exit





Code: Select all

#!/bin/bash

clear

# pulls the update time from the Clam.log section I added for this purpose


this pulls first occurance or from the top of the log
# grep -m1 "time stamp for script use" /home/Greg/ScanLog/Clam.log | cut -f1 -d"-" | xargs -d \n

# works better, pulls from end or bottom of the log is shorter and less intensive
tac /home/Greg/ScanLog/Clam.log | grep -m 1 "time stamp for script use"    

date +%s      # get the current date in seconds with  date +%s

the script above works to pull the times and outputs them to the terminal currently looks like this in the terminal as output.

Code: Select all

time stamp for script use 1415221763

1415227807

User avatar
kmathern
Developer
Posts: 2403
Joined: Wed Jul 12, 2006 2:26 pm

Re: how do you pull info from a log and use in script?

#5 Post by kmathern »

I think something like this will work

Code: Select all

test $(echo $sys_time-$log_time|bc) -le "10800"

User avatar
GDixon
Posts: 51
Joined: Fri Nov 02, 2007 4:39 pm

Re: how do you pull info from a log and use in script?

#6 Post by GDixon »

Believe it or not I'm coming up with several ways to do that but this one

test $(echo $sys_time-$log_time|bc) -le "10800"

is the shortest and less intensive way. Much more elegant than what I have been coming up with.


My main problem is how do i get the numeric out put form this

Code: Select all

#!/bin/bash

clear

# pulls the update time from the Clam.log section I added for this purpose

#grep -m1 "time stamp for script use" /home/Greg/ScanLog/Clam.log | cut -f1 -d"-" | xargs -d \n

tac /home/Greg/ScanLog/Clam.log | grep -m 1 "time stamp for script use"
date +%s      # get the current date in seconds with  date +%s
into the sys time and log time variables so they can be read by this or something similiar

test $(echo $sys_time-$log_time|bc) -le "10800"

User avatar
Adrian
Developer
Posts: 8248
Joined: Wed Jul 12, 2006 1:42 am

Re: how do you pull info from a log and use in script?

#7 Post by Adrian »

You can simply a bit more :) no need to use bc.
if [ $(($sys_time-$log_time)) -gt "10800" ]; then...

User avatar
kmathern
Developer
Posts: 2403
Joined: Wed Jul 12, 2006 2:26 pm

Re: how do you pull info from a log and use in script?

#8 Post by kmathern »

GDixon wrote:...the script above works to pull the times and outputs them to the terminal currently looks like this in the terminal as output.
time stamp for script use 1415221763

1415227807
Are you trying to figure out how to get the "1415221763" from "time stamp for script use 1415221763" ?

I think this will get it:

Code: Select all

log_time=$(tac /home/Greg/ScanLog/Clam.log | grep -m 1 "time stamp for script use" | awk '{print $NF}')

User avatar
kmathern
Developer
Posts: 2403
Joined: Wed Jul 12, 2006 2:26 pm

Re: how do you pull info from a log and use in script?

#9 Post by kmathern »

Adrian wrote:You can simply a bit more :) no need to use bc.
if [ $(($sys_time-$log_time)) -gt "10800" ]; then...
Okay, this works too (it also eliminates the echo cmd)

Code: Select all

test $(($sys_time-$log_time)) -le "10800"

User avatar
GDixon
Posts: 51
Joined: Fri Nov 02, 2007 4:39 pm

Re: how do you pull info from a log and use in script?

#10 Post by GDixon »

yes getting the numbers or seconds into the format needed to be run in a command is what my big problem is.

I've found lots of ways to do everything but that lol

I'll plug this in, figure it out and see what starts happening, thanks !

Post Reply

Return to “Scripts”