#!/bin/csh -f #H# This script simply starts logging a bunch of stuff that I like to watch. #H# It detects which things to tail based on the hostname. #H# #H# This script now uses xtail instead of regular tail as I like its multi-file #H# abilities better. It also notices if a file gets replaced by newsyslog #H# or multilog. # different logfiles on different OSs set OS=`uname -s` set HostName=`uname -n` # exclude some stuff under /service that is waaaay too noisy set ServiceLogs=/service/*/log/main/c* set LogsToTail="" foreach f ($ServiceLogs) if ($f != "/service/dnscache/log/main/current") then if ($f != "/service/dnscache-17/log/main/current") then if ($f != "/service/tinydns/log/main/current") then if ($f != "/service/nullmailer/log/main/current") then if ($f != "/service/qmail-send/log/main/current") then if ($f != "/service/qmail-smtpd/log/main/current") then if ($f != "/service/qmail-qmtpd/log/main/current") then set LogsToTail="$LogsToTail $f" endif endif endif endif endif endif endif end if ($HostName == "asylum") then set LogsToTail="$LogsToTail /var/log/qmail/rblsmtpd/c* /var/log/mysql/* /var/log/ircd/ircd.log /var/log/ircd/ircd-ipv4.log" endif if ("$OS" == "Linux") then xtail /var/log/messages /var/log/secure $LogsToTail & endif if ("$OS" == "OpenBSD") then set HN=`uname -n` if ("$HN" == "hellmouth.sanitarium.net") then # this is for the firewall logs that are only on hellmouth tcpdump -n -e -ttt -i pflog0 & endif xtail /var/log/adduser /var/log/authlog /var/log/daemon /var/log/ftpd /var/log/lpd-errs /var/log/messages /var/log/secure /var/log/xferlog /var/snort/log/alert $LogsToTail & xtail /var/log/spamd & endif