Date: Tue, 27 Jul 2004 15:35:50 -0500 From: "Kevin D. Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: Chris <bsdnewbie@coolarrow.com> Cc: freebsd-questions@freebsd.org Subject: Re: security run output Message-ID: <4106BCA6.8070908@daleco.biz> In-Reply-To: <200407270748000178.07B2E20B@coolarrow.com> References: <200407270748000178.07B2E20B@coolarrow.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Chris wrote: >When I get my nightly email from the "security run output" it normally has about the last 20 lines or less from the /var/log/messages. Is there a way to increase that to about the last 50 lines? > >Thanks, >Chris > > Hmm, I don't think that it's necessarily true that /etc/periodic is sending you the last 20 or so lines ... it's only sending "kernel" notifications, which in the case of most setups of syslog.conf, are *also* logged to /var/log/messages, hence some confusion here. So, one good question in return would be, "are you sure that you're not seeing all you want in your periodic output?" You can take a look at the manpages and source for periodic(8) and friends to learn a little more... I'm in no way an expert --- it could be possible that an expert could modify the periodic.sh script to do what you want; but in your case, I'd think that you could create a small script to do what you want and run it nightly from your personal crontab. Something like what's below. HTH, Kevin Kinsey ------------------------------------------------------------------------------------------------------- #/bin/sh # mailmessages.sh --- mail yesterday's /var/log/messages output to root... yday=`date -v -1d "+%b %d"` grep "$yday" /var/log/messages | mail -s "Contents of /var/log/messages" root
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4106BCA6.8070908>