Hello Martin, from monit.log:
> [CET Mar 2 08:23:11] info : 'syslog' start on user request > ... > [CET Mar 2 08:23:41] error : 'syslog' content match [Mar 2 06:28:25 host > kernel: matching content > …. > [CET Mar 2 08:23:41] error : 'syslog' content match [Mar 2 07:54:44 host > kernel: matching content Is it possible to scan the file not from beginning, but from 'syslog‘ starting time to get only new matching entries? > Am 02.03.2016 um 15:05 schrieb Martin Pala <[email protected]>: > > monit saves the log file position in the state file (by default stored in > ~/.monit.state). If the inode changes, or size of the file shrinks, the > position is reset. > Please check if your state file is stored in a persistent filesystem. Here is all okay. >> On 02 Mar 2016, at 10:03, Petra Humann <> wrote: >> >> I’m monitoring syslog with >> >> check file syslog with path /var/log/syslog >> stop program = "/usr/bin/ssh remote /sbin/cmd parameter" >> start program = "/bin/true" >> if match „some string" then restart >> >> Two problems: >> If I start monitoring, the whole syslog is scanned from beginning >> and not from the monit start time. >> If the condition occurs, I see in the logs of the remote system >> the login, but the command "/sbin/cmd parameter“ is not always >> executed…. Solved. This was not a monit problem. >> The system is an actual Debian Jessie LTS. Thank you very much. Petra Humann
smime.p7s
Description: S/MIME cryptographic signature
-- To unsubscribe: https://lists.nongnu.org/mailman/listinfo/monit-general
