[Logcheck-commits] r1621 - in logcheck/branches/zugschlus200707: debian src

Sat Jul 28 13:23:07 UTC 2007

Author: zugschlus
Date: 2007-07-28 13:23:07 +0000 (Sat, 28 Jul 2007)
New Revision: 1621

Modified:
   logcheck/branches/zugschlus200707/debian/control
   logcheck/branches/zugschlus200707/src/logcheck
Log:
have logcheck use logtail2


Modified: logcheck/branches/zugschlus200707/debian/control
===================================================================

--- logcheck/branches/zugschlus200707/debian/control	2007-07-28 13:20:23 UTC (rev 1620)
+++ logcheck/branches/zugschlus200707/debian/control	2007-07-28 13:23:07 UTC (rev 1621)
@@ -10,7 +10,7 @@
 
 Package: logcheck
 Architecture: all
-Depends: adduser, debconf, grep (>= 2.5.1-1), exim4 | mail-transport-agent, cron (>=3.0pl1-68), sysklogd | system-log-daemon | syslog-ng, mailx, logtail, lockfile-progs, ${misc:Depends}
+Depends: adduser, debconf, grep (>= 2.5.1-1), exim4 | mail-transport-agent, cron (>=3.0pl1-68), sysklogd | system-log-daemon | syslog-ng, mailx, logtail2, lockfile-progs, ${misc:Depends}
 Recommends: logcheck-database (>= ${source:Version})
 Suggests: syslog-summary
 Description: mails anomalies in the system logfiles to the administrator

Modified: logcheck/branches/zugschlus200707/src/logcheck
===================================================================
--- logcheck/branches/zugschlus200707/src/logcheck	2007-07-28 13:20:23 UTC (rev 1620)
+++ logcheck/branches/zugschlus200707/src/logcheck	2007-07-28 13:23:07 UTC (rev 1621)
@@ -73,7 +73,7 @@
 STATEDIR="/var/lib/logcheck"
 LOGFILES_LIST="/etc/logcheck/logcheck.logfiles"
 LOGFILE_FALLBACK="/var/log/syslog"
-LOGTAIL="/usr/sbin/logtail"
+LOGTAIL="/usr/sbin/logtail2"
 CAT="/bin/cat"
 SYSLOG_SUMMARY="/usr/bin/syslog-summary"
 
@@ -418,30 +418,7 @@
     debug "logoutput called with file: $file"
     if [ -f "$file" ]; then
 	offsetfile="$STATEDIR/offset$(echo $file | tr / .)"
-	if [ -s "$offsetfile" -a -r "$offsetfile" ]; then
-	    if [[ $(wc -c < "$file") -lt $(tail -n 1  "$offsetfile") ]]; then
-	        # assume the log is rotated by savelog(8)
-		# syslog-ng leaves old files here
-		if [ -e "$file.0" -a "$file.0" -nt "$file.1.gz" ]; then
-		    debug "Running logtail on rotated: $file.0"
-		    $LOGTAIL -f "$file.0" -o "$offsetfile" $LOGTAIL_OPTS > \
-			$TMPDIR/logoutput/$(basename "$file") 2>&1 \
-			|| error "Could not run logtail or save output"
-		    rm -f "$offsetfile" \
-		        || error "Could not remove $offsetfile"
-		# assume the log is rotated by logrotate(8)
-		# should also probably check if file is still fresh
-		elif [ -e "$file.1" ]; then
-		    debug "Running logtail on rotated: $file.1"
-		    $LOGTAIL -f "$file.1" -o "$offsetfile" $LOGTAIL_OPTS > \
-			$TMPDIR/logoutput/$(basename "$file") 2>&1 \
-			|| error "Could not run logtail or save output"
-		    rm -f "$offsetfile" \
-		        || error "Could not remove $offsetfile"
-		fi
-	    fi
-	fi
-	debug "Running logtail: $file"
+	debug "Running $LOGTAIL on $file"
 	$LOGTAIL -f "$file" -o "$offsetfile" $LOGTAIL_OPTS \
 	    >> $TMPDIR/logoutput/$(basename "$file") 2>&1 \
 	    || error "Could not run logtail or save output"


