Hi all !!
im really new to perl so please bare with me and
help..
I need a script to read /var/log messages and each
time it sees a line with the word "IDS" it will send
the whole line via mail to the administrator of the
IDS, here is an example of such a line:
Oct 19 15:40:30 172.31.0.254 %PIX-4-400011: IDS:2001
ICMP unreachable from 200.69.22.146 to 200.61.54.55 on
interface outside
I wrote this script:
#!/usr/local/bin/perl
$file = '/var/log/messages'; # Name the file
open(INFO, "/var/log/messages"); # Open the file
while
$message = <INFO> / IDS/g { # Read it
into an array
$ message = $&
sub sendEmail # simple Email function
my $sendmail = '/usr/lib/sendmail';
open(MAIL, "|$sendmail -oi -t");
print MAIL "From: [EMAIL PROTECTED]";
print MAIL "To: [EMAIL PROTECTED]";
print MAIL "Subject: Pix IPS Attck Detection\n\n";
print MAIL "$message\n";
close(MAIL);
}
It doesnt work and I dont know why... can someone
help?
another question, how to execute this script so it
will be in memory oc the server all the time? should I
run it throw rc.local?
thanks a lot for helping me !!
thanks !
Juan
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
http://learn.perl.org/
