Changes between Initial Version and Version 1 of NginxLogWatch


Ignore:
Timestamp:
Jun 16, 2015, 2:19:08 PM (3 years ago)
Author:
chris
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • NginxLogWatch

    v1 v1  
     1This is a ''very crude'' script to grep Nginx logs for 50x errors, it is run via `logrotate`, see below.
     2
     3== nginx-logwatch ==
     4
     5{{{
     6#!/bin/bash
     7
     8# The log file we are checking, best run the script via logrotate,
     9# for example edit /etc/logrotate.d/nginx to:
     10#
     11#   prerotate
     12#          /usr/local/bin/nginx-logwatch chris@webarchitects.co.uk
     13#          if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
     14#                  run-parts /etc/logrotate.d/httpd-prerotate; \
     15#          fi \
     16#   endscript
     17
     18# check that the script is being run by root
     19if [[ "$(id -u)" != "0" ]] ; then
     20  echo "You must run $0 as root or via sudo"
     21  exit 2
     22fi
     23
     24# check for a logfile on standard input
     25if [[ $1 ]]; then
     26  LOGFILE=$1
     27elif [[ ! $1 ]]; then
     28  echo "You need to provide the logfile as the first argument, eg:"
     29  echo "$0 /var/log/nginx/crin.org.access.log"
     30  exit
     31fi
     32
     33# Optional email address to send the results to
     34EMAIL=$2
     35
     36# grep for all the lines with error codes 
     37#ERRORS=$(grep '1.[0|1]" [4|5]0[2|3|4] ' $LOGFILE)
     38#ERRORS=$(grep '1.[0|1]" [4|5]0[2|3|4] ' $LOGFILE)
     39ERRORS=$(grep '1.[0|1]" 50[2|3|4] ' $LOGFILE)
     40# grep for to totals for these errors codes
     41#ERRORS_403=$(grep -c '1.[0|1]" 403 ' $LOGFILE)
     42#ERRORS_404=$(grep -c '1.[0|1]" 404 ' $LOGFILE)
     43ERRORS_502=$(grep -c '1.[0|1]" 502 ' $LOGFILE)
     44ERRORS_503=$(grep -c '1.[0|1]" 503 ' $LOGFILE)
     45ERRORS_504=$(grep -c '1.[0|1]" 504 ' $LOGFILE)
     46
     47# check to see if any errors were found
     48if [[ $ERRORS ]]; then
     49  # check for a email address
     50  if [[ $EMAIL ]]; then
     51    # name of the server
     52    HOSTNAME=$(hostname)
     53    # email subject line
     54    #SUBJECT="$ERRORS_403 403, $ERRORS_404 404, $ERRORS_502 502, $ERRORS_503 503 and $ERRORS_504 504 errors from $HOSTNAME"
     55    #SUBJECT="$ERRORS_403 403, $ERRORS_502 502, $ERRORS_503 503 and $ERRORS_504 504 errors from $HOSTNAME"
     56    SUBJECT="$ERRORS_502 502, $ERRORS_503 503 and $ERRORS_504 504 errors from $HOSTNAME"
     57    # we were supplied with a email address so send the results by email using mutt
     58    echo "$ERRORS" | mutt -s "$SUBJECT" $EMAIL
     59  # we don't have a email address so display the results of the grep
     60  else [[ ! $EMAIL ]]
     61    echo "Supply a email address on the command line to send the following results by email"
     62    echo ""
     63    #echo "Total 403 errors: $ERRORS_403"
     64    #echo "Total 404 errors: $ERRORS_404"
     65    echo "Total 502 errors: $ERRORS_502"
     66    echo "Total 503 errors: $ERRORS_503"
     67    echo "Total 504 errors: $ERRORS_504"
     68    echo ""
     69    echo "Lines with errors from $LOGFILE"
     70    echo ""
     71    echo "$ERRORS"
     72    echo ""
     73    echo "This script is best piped into a pager, eg:"
     74    echo "$0 | less"
     75  fi
     76else
     77   # we don't want any output if a email address is specified as the script is run via cron
     78   if [[ ! $EMAIL ]] ; then
     79     #echo "No recent 403, 404, 502, 503 or 504 errors were found"
     80     #echo "No recent 403, 502, 503 or 504 errors were found"
     81     echo "No recent 502, 503 or 504 errors were found"
     82   fi
     83fi
     84}}}
     85
     86== /etc/logrotate.d/nginx ==
     87
     88{{{
     89/var/log/nginx/*.log {
     90        weekly
     91        missingok
     92        rotate 52
     93        compress
     94        delaycompress
     95        notifempty
     96        create 0640 www-data adm
     97        sharedscripts
     98        prerotate
     99                /usr/local/bin/nginx-logwatch /var/log/nginx/crin.org.ssl_access.log root@localhost
     100                /usr/local/bin/nginx-logwatch /var/log/nginx/crin.org.access.log root@localhost
     101                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
     102                        run-parts /etc/logrotate.d/httpd-prerotate; \
     103                fi \
     104        endscript
     105        postrotate
     106                invoke-rc.d nginx rotate >/dev/null 2>&1
     107        endscript
     108}/var/log/nginx/*.log {
     109        weekly
     110        missingok
     111        rotate 52
     112        compress
     113        delaycompress
     114        notifempty
     115        create 0640 www-data adm
     116        sharedscripts
     117        prerotate
     118                /usr/local/bin/nginx-logwatch /var/log/nginx/crin.org.ssl_access.log root@localhost
     119                /usr/local/bin/nginx-logwatch /var/log/nginx/crin.org.access.log root@localhost
     120                if [ -d /etc/logrotate.d/httpd-prerotate ]; then \
     121                        run-parts /etc/logrotate.d/httpd-prerotate; \
     122                fi \
     123        endscript
     124        postrotate
     125                invoke-rc.d nginx rotate >/dev/null 2>&1
     126        endscript
     127}
     128
     129}}}