how to check for an empty string returned by execresult
381 views
Skip to first unread message
Pam Smith
Jan 14, 2013, 5:04:40 PM1/14/13
to help-c...@googlegroups.com
I'm trying to check a log file to see if an entry exists and am using the execresult to grep the result from the logfile. Sometimes, there is nothing returned and would like to know if there is somethihng that's built into Cfengine where Ican check for an empty returned command result.
Then based on the result if the string is not empty, then email a report.
Thanks,
Pam
Then based on the result if the string is not empty, then email a report.
Thanks,
Pam
Brian Bennett
Jan 14, 2013, 5:40:42 PM1/14/13
to Pam Smith, help-c...@googlegroups.com
Presumably you have something like this:
vars:
"foo" string => execresult("/usr/bin/grep bar /var/log/syslog","noshell");
You can add the following:
classes:
"no_results" not => regcmp(".+","$foo"),
vars:
"foo" string => execresult("/usr/bin/grep bar /var/log/syslog","noshell");
You can add the following:
classes:
"no_results" not => regcmp(".+","$foo"),
comment => "This checks to see if the result contains one or more characters, if not raise a class";
-- reports:
no_results::
"The entry did not exist in the log file";
Although, if I could see what your current promise looks I could give you a more specific solution.
Brian
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To post to this group, send email to help-c...@googlegroups.com.
To unsubscribe from this group, send email to help-cfengin...@googlegroups.com.
Visit this group at http://groups.google.com/group/help-cfengine?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
Jean Rémond
Jan 14, 2013, 6:03:10 PM1/14/13
to Brian Bennett, Pam Smith, help-c...@googlegroups.com
You should have a look at https://cfengine.com/manuals/cf3-Reference#match_005fvalue-in-measurements
Or try with returnszero and grep -q
https://cfengine.com/manuals/cf3-Reference#Function-returnszero
body match_value scan_log(x) { select_line_matching => "^$(x)$"; track_growing_file => "true"; }
Or try with returnszero and grep -q
https://cfengine.com/manuals/cf3-Reference#Function-returnszero
Pam Smith
Jan 15, 2013, 9:25:12 AM1/15/13
to help-c...@googlegroups.com
Thanks so much for the great ideas on this! Here is my updated promise:
bundle agent check_breakin_attempts
{
vars:
"current_day" string => execresult("/bin/date +%d", "useshell");
"current_month" string => execresult("/bin/date +%b", "useshell");
"breakin_failed_passwd" string => execresult("/bin/grep '$(current_month) $(current_day)' /var/log/messages* | \
/bin/grep 'Failed' | \
/bin/grep 'password' | \
/bin/awk '{ print $11 }'", "useshell");
classes:
"no_results" not => regcmp(".+","$breakin_failed_passwd"),
comment => "This checks to see if the string is empty..";
reports:
linux::
!no_results::
"Command failed! Results: $(breakin_failed_passwd)";
no_results::
"Command succeeded! $(breakin_failed_passwd)";
}
For some reason, I can execute the command to grep the log on the command line, but when I try to run it with this policy, it doesn't return anything for me. I think I need to look into the 'useshell' option, maybe that isn't set correctly. Thanks a bunch for your help!
Pam
bundle agent check_breakin_attempts
{
vars:
"current_day" string => execresult("/bin/date +%d", "useshell");
"current_month" string => execresult("/bin/date +%b", "useshell");
"breakin_failed_passwd" string => execresult("/bin/grep '$(current_month) $(current_day)' /var/log/messages* | \
/bin/grep 'Failed' | \
/bin/grep 'password' | \
/bin/awk '{ print $11 }'", "useshell");
classes:
"no_results" not => regcmp(".+","$breakin_failed_passwd"),
comment => "This checks to see if the string is empty..";
reports:
linux::
!no_results::
"Command failed! Results: $(breakin_failed_passwd)";
no_results::
"Command succeeded! $(breakin_failed_passwd)";
}
For some reason, I can execute the command to grep the log on the command line, but when I try to run it with this policy, it doesn't return anything for me. I think I need to look into the 'useshell' option, maybe that isn't set correctly. Thanks a bunch for your help!
Pam
Reply all
Reply to author
Forward
0 new messages