Need grep results sent to email

JaredBusch

Client had no special logging setup (will be setting up ELK now so yeah for work for me) for monitoring employee issues legally in order to have "paperwork" for discipline.

Until I can get ELK up and running (probably next week on my priority list), I want a quick and dirty method to track a pair of events from the asterisk log.

These two basic greps will tell me how many times a user is going into and out of DND.

#ext 5153 went on DND
grep 'SIP/5153,Value: Do not Disturb' /var/log/asterisk/full
#ext 5153 came off DND
grep 'SIP/5153,Value: "' /var/log/asterisk/full

What would be the best way to get that mailed to me?

Here is the full output. And by looking at this, You can see the user went on DND from 8:25 - 9:47 and then 15:26 - 15:47.

Knowing this user's duties, these are exactly as it should be. The user being disciplined, not so much.

# grep 'SIP/5153,Value: "' /var/log/asterisk/full
[Feb  2 09:47:01] VERBOSE[32349][C-00000907] pbx.c:     -- Executing [*[email protected]:6] UserEvent("SIP/5153-00001448", "FOP2ASTDB,Family: fop2state,Channel: SIP/5153,Value: ") in new stack
[Feb  2 15:47:50] VERBOSE[5575][C-00000a80] pbx.c:     -- Executing [*[email protected]:6] UserEvent("SIP/5153-000017e1", "FOP2ASTDB,Family: fop2state,Channel: SIP/5153,Value: ") in new stack
# grep 'SIP/5153,Value: Do not Disturb' /var/log/asterisk/full
[Feb  2 08:25:15] VERBOSE[31445][C-000008b9] pbx.c:     -- Executing [*[email protected]:7] UserEvent("SIP/5153-00001381", "FOP2ASTDB,Family: fop2state,Channel: SIP/5153,Value: Do not Disturb") in new stack
[Feb  2 15:26:03] VERBOSE[5207][C-00000a64] pbx.c:     -- Executing [*[email protected]:7] UserEvent("SIP/5153-00001794", "FOP2ASTDB,Family: fop2state,Channel: SIP/5153,Value: Do not Disturb") in new stack

stacksofplates

I would say just a cron job and have it email the output to you. You can specify an address in the crontab.

If you want any errors use 2>&1 before you pipe to mail.

scottalanmiller

If you have a local MTA like Postfix installed, add the mailx command for simple command line emailing. Just white list the IP of that box on your email system and no need to worry about a relay. Might work anyway, but whitelist just to be sure.

Then you can actually just run your grep directly into the mail command and it will send automatically. Or you can grep into a text file and only email once in a while if you want, instead of in real time.

Cron for automated sending, for sure.

JaredBusch

@scottalanmiller said:

If you have a local MTA like Postfix installed, add the mailx command for simple command line emailing. Just white list the IP of that box on your email system and no need to worry about a relay. Might work anyway, but whitelist just to be sure.

Then you can actually just run your grep directly into the mail command and it will send automatically. Or you can grep into a text file and only email once in a while if you want, instead of in real time.

Cron for automated sending, for sure.

I'm about to drive to St Louis. Can you save me the Google search for the syntax?

scottalanmiller

Sure.

scottalanmiller

Here are the two base commands:

grep 'SIP/5153,Value: "' /var/log/asterisk/full | mail -s "DND Turned Off" [email protected]
grep 'SIP/5153,Value: Do not Disturb' /var/log/asterisk/full | mail -s "DND Turned On" [email protected]

You can put these into cron as they are. If you wanted this daily, like in the morning, you could do this in root's crontab:

30 7 * * *  grep 'SIP/5153,Value: "' /var/log/asterisk/full | mail -s "DND Turned Off" [email protected]
30 7 * * *  grep 'SIP/5153,Value: Do not Disturb' /var/log/asterisk/full | mail -s "DND Turned On" [email protected]

JaredBusch

Thanks had to get on the road I will trying get that at the gas station

scottalanmiller

Is this for 3227? I can pop that into the crontab for you if you want.

JaredBusch

@scottalanmiller said:

Is this for 3227? I can pop that into the crontab for you if you want.

On site system. Not that one. Thanks though.

scottalanmiller

Ah ha, okay. Yeah, just copy/paste into crontab, should be all set.

You'll want to run manually first and see if the emails come through. I tested on a FreePBX system and it went straight through to my Office 365 no problem.

If you are on FreePBX, you will need mailx installed. All dependencies are met by a default install. It's a tiny binary package.

yum -y install mailx

That is what provides the mail command.