Sending logs from the server to Your e-mail account using local mail server.

Hi all.

It was 5 am when I woke up and could not sleep anymore. I went to bed around 2 am… 3 hours of sleep and boom…

Sleep is for the weak!! This is SPARTA!!

Awesome…

So I decided to do something with this time… Instead of laying in the bed and trying to fall asleep again I have decided to work on a little project. I was thinking about it for a while. I have a sendmail – mail server – running for local network. I don’t like my own way of reading the system logs. I log into the server via ssh and I su myself to root and I am using mc to read the logs and they are always big and horrible… Loving the mc I have to say I am missing the scroll bar on the side… Pg UP / Pg DN are awesome but I would just love to click in the middle of the scroll bar and read this exact moment of the log. Or just drag it up or down…

Would it be easier to read those logs from the level of lets say… Thunderbird from the LAN client? It sure would be easier / nicer / cleaner and lets say it more efficient… Ok so… Let’s learn something new and go back to bed…

GOAL of this project is:

I want to send e-mail to myself containing info from the server log and then read the message using some nice GUI mail client like Thunderbird for example. All this was done before… beside sending the logs. I will not be explaining here how to configure the sendmail server. Not today anyway. I configured it in the past after a lot of reading and messing around. I can check my system mail from the LAN client via secure (SSL) pop3s socket. Now all I need to figure out is how to send the logs to myself. HMMMM…

Bit of searching online and I had first idea:

/bin/mail mylogin@myserver.net < /var/log/httpd/access_log

HA! Now ain’t that sweet? This will throw the entire content of the access_log to the e-mail message and then sent it to the chosen e-mail.

Yes it is sweet…

BUT there are always BUTS…

If I keep sending this file to myself over and over and over again the message is going to get big. After a while of adding data to the log file its gonna get really BIG and its gonna be hard to read and its gonna take long time to send it. Its gonna mess up my network traffic badly too. I was going to make things easier for myself – not harder. How about cleaning the log file after I send it to myself so the next time I am getting this email I will get it with the NEW info only? No repetitive content. If I wan’t to browse previous entries – I will browse older mail. If I wan’t extra backups – I will set thunderbird filters to forward all the log-mail to my other e-mail accounts. Sounds awesome.

Bit of searching online and I was nowhere… I must have used wrong search terms… Or the internet is full of junk. Pick one.

So it was time for plan B. Think! You do not want to let me sleep so be useful! And few minutes later I had another idea…

echo "" > /var/log/httpd/access_log

After running this command the access_log got only one line in it. Lovely.

So all I need is to combine those 2 commands and I am good.

/bin/mail mylogin@myserver.net /var/log/httpd/access_log

Magic of && :D! After successfully running one command – run another command.

W00t! I got the log file to be cleared after it was sent to me.

BUT there are always BUTS…

Log-mail came with empty subject line. Wouldn’t it be nice to have the file name in the subject line? It would!

Go my search engine. Bring me solutions!

Few minutes later the command was looking like this:

/bin/mail -s /var/log/httpd/access_log mylogin@myserver.net /var/log/httpd/access_log

Heck yeah! Now those e-mails are looking much better!

BUT there are always BUTS!

Wouldn’t it be nice to have a Date and Time on the beginning of these emails and a nice empty line after to make them look better? I know I could look at the time stamp of the e-mail itself… I know logs have date and time in them… but I want to make it look nicer…

/bin/mail -s /var/log/httpd/access_log mylogin@myserver.net /var/log/httpd/access_log && echo "" >> /var/log/httpd/access_log

This was my final product… and I was happy with it and almost ready to go back to bed. Almost…

BUT there are always BUTS…

Am I going to send those e-mails to myself? There are several log files in the /var/log/ folder. Dmesg / Auth and so on and so forth… Making things easier seems complicated sometimes ;).

Ok so I can create scripts! Ok I can. Lets do that…

touch /root/accesshttpmail.sh && chmod 700 /root/accesshttpmail.sh && echo "/bin/mail -s /var/log/httpd/access_log mylogin@myserver.net /var/log/httpd/access_log && echo "" >> /var/log/httpd/access_log" > /root/accesshttpmail.sh

And so I ran similar commands for all the files I wanted to have sent to me.

I ended up having several executable scripts in my /root/ folder. Root owned with access, write and execution permissions for root only. Awesome! Now I don’t have to remember all those commands! I can just run those scripts right?

BUT there are always BUTS!

Why would I do it manually when PCLinuxOS can do it for me? Automation with cron is a blessing!

So I run

crontab -e

and using vi I have edited the crontab entries so that my scripts are executed every 4 hours…

Example of crontab entry.

All came out fantastic. I am really happy that I have spent an hour trying to figure it out…

Triple W00t

And about going back to bed? There is no point. Its 9 am and I just made myself another mug of coffee… I spent lion part of the last 4 hours writing this…

It was worth it doh. Sleep is overrated. Sleep is for the weak! In the future if I suffer a brain damage and I forget everything I can always come back here and read it. LOL!

Enjoy!

Andy

EDIT: Brain is needed when following this howto. All the commands in this howto have to be run as root so be careful and do not mess up. I am not taking any responsibility for Your mistakes.

Advertisements