3 # Logchecker - perl script to check unix logfiles and notify by email
4 # if entries appear not covered by the whitelist
5 # Copyright (C) long time ago by Peter, peters-webcorner.de
7 # This program is free software: you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <https://www.gnu.org/licenses/>.
20 require 'logcheck.conf';
26 print "-----------------------------\n";
27 print "This is logcheck.pl V1.0.4\n";
28 print "https://peters-webcorner.de\n";
29 print "project hosted on github\n";
30 print "https://github.com/pstimpel/logcheck\n\n";
31 print "Logchecker - Copyright (C) long time ago by Peter\n";
32 print "This program comes with ABSOLUTELY NO WARRANTY; for details run `-l'.\n";
33 print "This is free software, and you are welcome to redistribute it\n";
34 print "under certain conditions. Check license for details.\n";
35 print "-----------------------------\n\n";
38 if (($ARGV[0] ne "") && ($ARGV[0] ne "debug") && ($ARGV[0] ne "-l")) {
40 print "Parameters:\n";
41 print "logcheck.pl normal run, parse logfiles and fire email if needed\n";
42 print "logcheck.pl debug prevents script from sending mail\n";
43 print "logcheck.pl -l prints license to console\n";
48 if ($ARGV[0] eq "-l") {
50 print "Content of license\n\n\n";
51 system('cat LICENSE | more');
55 if ($ARGV[0] eq "debug") {
57 print "debug mode on...\n";
62 if (-e $file_whitelist) {
63 if($mode eq "debug") {
64 print "whitelist found...\n";
69 open(ADR, ">$file_whitelist");
72 print "Please edit ".$file_whitelist." first...\n";
76 if (-e $file_logfilelist) {
77 if($mode eq "debug") {
78 print "list of logfiles found...\n";
81 open(ADR, ">$file_logfilelist");
84 print "Please edit ".$file_logfilelist." first...\n";
91 open(ADR, "<$file_whitelist");
96 if (substr($_,0,1) ne "#")
99 push @whitelisted, $_;
105 if($mode eq "debug") {
106 print $read." entries in whitelist found\n";
111 if($mode eq "debug") {
112 print "no entries in whitelist found, may be not normal...\n";
119 open(ADR, "<$file_logfilelist");
124 if (substr($_,0,1) ne "#")
133 if($mode eq "debug") {
134 print $read." entries in logfile list found\n";
139 print "there must be at least one entry in "..$file_logfilelist."\n";
140 print "ABORTING NOW!!!\n";
145 foreach $thisfile (@logfiles) {
150 if($mode eq "debug") {
151 print "processing ".$thisfile."\n";
157 if(-e $thisfile.".offset") {
158 if($mode eq "debug") {
159 print "using ".$thisfile.".offset\n";
162 open(OFF,"<$thisfile.offset");
166 if($mode eq "debug") {
167 print "offset is $_\n";
175 unlink($thisfile.".offset");
176 if($mode eq "debug") {
177 print "offset not found, reparsing without offset\n";
183 if ($outtext ne "") {
184 if($mode eq "debug") {
185 print "mail not sent, cause debug is enabled\n";
186 print "content of mail to $emailaddress would be:\n---------------------------------\n";
188 print "\n---------------------------------\nend of mail\n";
191 $Jetztzeit = localtime($Jetztwert);
192 $mailer = '/usr/sbin/sendmail';
193 $Sender = $senderaddress;
194 open(MAIL, "|$mailer -t") || die "Can't open $mailer!\n";
195 print MAIL "To: ".$emailaddress."\n";
196 print MAIL "Subject: ($thisfile) violation report $Jetztzeit\n\n\n";
199 $command="\/usr\/bin\/logger -p warn logcheckprint";
203 if($mode eq "debug") {
204 print "nothing to send, $thisfile seems to be ok\n";
207 if ($noffset ne "") {
208 if($mode eq "debug") {
209 print "new offset written in ".$thisfile.".offset\n";
211 open(ADR, ">$thisfile.offset");
218 print STDERR "logfile $thisfile not found...ignoring\n";
225 # checks the logfile itself
226 open(LOG,"<$thisfile");
229 if ($jumpover == 0) {
231 foreach $wltext (@whitelisted)
240 $outtext=$outtext.$_;
243 $noffset = substr($_,0,15,);
244 if(substr($_,0,15) eq $offset) {
246 if($mode eq "debug") {
247 print "offset found\n";