Back up logs file and create a script showing the backed up logs and the running logs

Billy_6052 · 12-11-2014, 02:50 PM

Hi
Hope I'm through to the right section.

I want to create a bash script that pulls logs from a back up file so I would be able to compare the running logs against the backed up logs to see if a "bad" guy has messed around with the system. The logs I want to use are /var/log/messages and /var/log/boot.log. Is this possible?

If not I just want to create a good script serving good use to a security admin

Keith Hedger · 12-11-2014, 06:05 PM

Everything is "possible", even windows may one day turn into a good OS, ( nah! )
But first post what you have already tried no one here is going to write the script for you, second if you are just starting out with shell scripting grab a copy of the advanced bash scripting guide ( abs ), it covers the basic's right upto advanced stuff.

SAbhi · 12-11-2014, 10:41 PM

Tell us what have you tried so far, we can try suggesting the fix if there are issues but we cant serve cooked recipes.

Billy_6052 · 12-12-2014, 10:42 AM

right what I want to do now is log any errors in the var/log/messages, the command I am using is

logrobot /var/log/messages 60 'error' 'panic' -show 5 10

logrobot command is not there, is there any command similar to this?

Habitual · 12-12-2014, 12:40 PM

Quote:

Originally Posted by Billy_6052

right what I want to do now is log any errors in the var/log/messages, the command I am using is

logrobot /var/log/messages 60 'error' 'panic' -show 5 10

logrobot command is not there, is there any command similar to this?

Maybe install it? http://www.logrobot.com/

Billy_6052 · 12-13-2014, 02:32 AM

Quote:

Originally Posted by Habitual

Maybe install it? http://www.logrobot.com/

I know you can install it, I just wanted to know if there is a command similar to it where I dont have to install it