View Full Version : site syslog * searchstring
NorLan
12-21-2003, 11:01 AM
hello
is it possible to search the whole syslog/errlog for a specific string?! if not this would fine to have in one of the next versions.
thx in advance
Mouton
12-21-2003, 11:10 AM
no it's not possible.
syslog = EXEC ..\scripts\ioa.exe syslog
syslog is a ioA feature.
so WarC is the one this suggestion should be directed to.
I think i'll make a simple grep.itcl script to do that. Need that too myself sometimes...
Mouton
12-21-2003, 11:24 AM
grep.itcl:
if {[llength $args]!=2} {
iputs "Syntax: SITE GREP <search_string> <logfile> "
iputs "<logfile>: Error, ioFTPD, SysOp, SystemError or xferlog"
return
}
set lookup [lindex $args 0]
if {[lindex $args 1]=="xferlog"} {
set filename "../logs/[lindex $args 1]"
} else {
set filename "../logs/[lindex $args 1].log"
}
iputs -nobuffer "Looking for '$lookup' in $filename"
set ferror [catch {set fp [open $filename r]}]
if {!$ferror} {
set dc 0
while {![eof $fp]} {
set line [gets $fp]
if {[string match -nocase "*$lookup*" $line]} {
iputs -nobuffer $line
incr dc
}
}
close $fp
iputs "$dc entries found"
} else {
iputs "Error opening '$filename'."
}
[Scripts]
GREP = TCL ..\scripts\grep.itcl
[11:22:49] [L] site grep Mouton xferlog
[11:22:49] [L] 200-Looking for 'Mouton' in ../logs/xferlog
[11:22:49] [L] 200-Wed Nov 19 16:01:13 2003 31 64.221.14.121 5492588 /!ioftpd/logs/ioFTPD.log b _ i r Mouton ftp 1 gb l
...
[11:22:49] [L] 200-21 entries found
[11:22:49] [L] 200 Command successful.
Zer0Racer
12-21-2003, 11:32 AM
Just use SITE SYSLOG *searchstring* in ioA.
Taken from ioA manual:
* site syslog <days> <search>
site syslog purge
Show loglines from sysop.log. Days and search can vary in following ways:
Examples:
site syslog *hubba* (starts can be added to give better search)
site syslog *hubba*bubba*my*leet*long*line*
site syslog 5
site syslog 5 *hubba*
site syslog * (Will show entire syslog)
Note that it does not count days as usually. If you issue "site syslog 1" that will
display what happend last 24 hours even if that might not be "last" day.
Mouton
12-21-2003, 10:02 PM
oh. my bad. didn't know that ioA feature :)
NorLan
12-22-2003, 06:04 AM
*hehe
-> those who can read have a serious advantage <-
i am bad too
Zer0Racer
12-22-2003, 01:44 PM
syslog (and errlog) syntax is "borrowed" from glftpd.
vBulletin® v3.8.11 Alpha 3, Copyright ©2000-2024, vBulletin Solutions, Inc.