[筆記] CentOS Linux 底下，偵測檔案內容異動 發信通知

最近在玩很久以前弄好的Smokeping裡面的Notify功能，希望能在VPN斷線的時候，第一時間得到訊息

雖然設定好了，但感覺Smokeping在送出警告信件的速度有點慢

所以另外找了個方法去檢查 smokeping.log，當檔案內容有異動時，就會發信通知，然後放到crontab裡，每分鐘檢查一次

程式內容如下

  > #!/usr/bin/env bash > > # > > # Provides      : Check if a file is changed > > # > > # Limitations   : none > > # Options       : none > > # Requirements  : bash, md5sum, cut > > # > > # Modified      : 11|07|2014 > > # Author        : ItsMe > > # Reply to      : n/a in public > > # > > # Editor        : joe > > # > > ##################################### > > # > > # OK - lets work > > # > > > # what file do we want to monitor? > > # I did not include commandline options > > # but its easy to catch a command line option > > # and replace the defaul given here > > file=/var/log/smokeping.log #設定要監控的目標檔案 > > > # path to file’s saved md5sum > > # I did not spend much effort in naming this file > > # if you ahve to test multiple files > > # so just use a commandline option and use the given > > # file name like: filename=$(basename “$file”) > > fingerprintfile=/tmp/.bla.md5savefile #md5計算結果暫存檔 > > > # does the file exist? #檢查目標檔案是否存在 > > if [ ! -f $file ] > > then > > echo “ERROR: $file does not exist - aborting” > > exit 1 > > fi > > # create the md5sum from the file to check #計算目標檔案的md5 checksum > > filemd5=md5sum $file | cut -d " " -f1 > > > # check the md5 and > > # show an error when we check an empty file #確認不是空檔案 > > if [ -z $filemd5 ] > > then > > echo “The file is empty - aborting” > > exit 1 > > else > > # pass silent > > : > > fi > > > # do we have allready an saved fingerprint of this file? > > if [ -f $fingerprintfile ] > > then > > # yup - get the saved md5 > > savedmd5=cat $fingerprintfile > > > # check again if its empty > > if [ -z $savedmd5 ] > > then > > echo “The file is empty - aborting” > > exit 1 > > fi > > > #compare the saved md5 with the one we have now #比對暫存檔和目標檔案的check sum , 如果不相符就寄出信件並附上最後一行 > > if [ “$savedmd5” = “$filemd5” ] > > then > > # pass silent > > : > > else > > # echo “File has been changed” > > tail -1 /var/log/smokeping.log |mail -s ‘Alert’ -v chchang@[192.168.10.240] > > > # this does an beep on your pc speaker (probably) > > # you get this character when you do: > > # CTRL+V CTRL+G > > fi > > > # do we have allready an saved fingerprint of this file? > > if [ -f $fingerprintfile ] > > then > > # yup - get the saved md5 > > savedmd5=cat $fingerprintfile > > > # check again if its empty > > if [ -z $savedmd5 ] > > then > > echo “The file is empty - aborting” > > exit 1 > > fi > > > #compare the saved md5 with the one we have now > > if [ “$savedmd5” = “$filemd5” ] > > then > > # pass silent > > : > > else > > # echo “File has been changed” > > tail -1 /var/log/smokeping.log |mail -s ‘Alert’ -v chchang@[192.168.10.240] > > > # this does an beep on your pc speaker (probably) > > # you get this character when you do: > > # CTRL+V CTRL+G > > # this is a bit creepy so you can use the ‘beep’ command > > # of your distro > > # or run some command you want to > > echo > > fi > > > fi > > > # save the current md5 > > # sure you don’t have to do this when the file hasn’t changed > > # but you know I’m lazy and it works… > > echo $filemd5 > $fingerprintfile  

編輯好之後，就放到crontab去

不過後來覺得有點脫褲子放屁了

實際的狀況會是這樣，由Smokeping發出的信件，和這個偵測機制發出的信件，其實也沒差幾秒鐘

似乎不必另外去偵測了