批处理文件监视日志文件目录并在发生更改时发送电子邮件警报?

时间:2014-02-19 18:24:06

标签: batch-file logfile file-monitoring

我希望创建一个可以放在服务器上的批处理文件,并让它每天通过任务计划程序运行,以监视应用程序的日志文件目录。如果日志文件名称发生更改(例如,出现错误日志),批处理将向管理员或管理员组发送电子邮件。

此类批次的一般脚本是什么?

谢谢。

2 个答案:

答案 0 :(得分:0)

我会使用vbscript,因为它具有内置功能。这是一个通用脚本,您可以修改它以执行您想要的操作。在任务计划程序中使用cscript调用它。 

MonitorFolder()

Function MonitorFolder()
intInterval = "2"
strDrive = "C:" 
strFolder = "\\temp\\"
strComputer = "." 
Set objWMIService = GetObject( "winmgmts:" & _ 
    "{impersonationLevel=impersonate}!\\" & _ 
    strComputer & "\root\cimv2" )
strQuery =  _
    "Select * From __InstanceOperationEvent" _
    & " Within " & intInterval _
    & " Where Targetinstance Isa 'CIM_DataFile'" _
    & " And TargetInstance.Drive='" & strDrive & "'" _
    & " And TargetInstance.Path='" & strFolder & "'"
Set colEvents = objWMIService.ExecNotificationQuery (strQuery) 
WScript.Echo "Monitoring events...[Ctl-C] to end"
Do 

    Set objEvent = colEvents.NextEvent()
    Set objTargetInst = objEvent.TargetInstance

    Select Case objEvent.Path_.Class 
        Case "__InstanceCreationEvent" 
            WScript.Echo "Created: " & objTargetInst.Name
            SendEmail "FolderMonitor@Domain.com", "youremail@domain.com","Log File Created", "A new error log has appeared"
        Case "__InstanceDeletionEvent" 
            WScript.Echo "Deleted: " & objTargetInst.Name 
        Case "__InstanceModificationEvent" 
            WScript.Echo "Modified: " & objTargetInst.Name
    End Select 
Loop
End Function

Sub SendEmail(sFrom, sTo, sSubject, sMessageBody)
    Set objMessage = CreateObject("CDO.Message") 
    objMessage.Subject = sSubject 
    objMessage.From = sFrom 
    objMessage.To = sTo
    objMessage.TextBody = sMessageBody
    objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/sendusing") = 2 
    objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserver") = "smtp.myserver.com"
    objMessage.Configuration.Fields.Item _
("http://schemas.microsoft.com/cdo/configuration/smtpserverport") = 25 
    objMessage.Configuration.Fields.Update
    objMessage.Send
end sub

答案 1 :(得分:-1)

以下是我项目中用于监控日志更改的一段代码

使用

  • 用于跟踪日志文件更改的java nio
  • sigar api(https://github.com/hyperic/sigar)用于获取将用于停止服务的进程ID
  • 用于在发送警报时发送邮件的java邮件(method- sendMail)

必须将dll文件添加到构建路径以使用sigar api 

void initializePathAndWatcher(String directoryPath, String directoryName, Map<String, Object> data)
        throws IOException {
    yamlData = data;
    Sigar sigar = new Sigar();
    long pid = sigar.getPid();
    log.debug("Pid for current process: [" + pid + "]");
    path = Paths.get(directoryPath, directoryName);
    log.debug("Directory being watched: [" + path.toAbsolutePath() + "]");
    watcher = FileSystems.getDefault().newWatchService();
    path.register(watcher, ENTRY_CREATE, ENTRY_MODIFY);
    sigar.close();
}

void watcherServiceShutDown() throws IOException {
    watcher.close();
}

void trackEvent() throws Exception {
    try {
        while (true) {
            WatchKey watchKey;
            watchKey = watcher.take();
            for (WatchEvent<?> event : watchKey.pollEvents()) {
                WatchEvent.Kind<?> kind = event.kind();
                @SuppressWarnings("unchecked")
                WatchEvent<Path> ev = (WatchEvent<Path>) event;
                Path fileName = ev.context();
                if (fileName.toString().equals(yamlData.get("directory.filename").toString())) {
                    log.debug(kind.name() + ": [" + fileName + "]");
                    StringBuilder absoluteFilePath = new StringBuilder(path.toString());
                    absoluteFilePath.append("/");
                    absoluteFilePath.append(fileName);
                    Path filePath = Paths.get(absoluteFilePath.toString());
                    long lineCount = Files.lines(filePath).count();
                    Boolean flagMatchFound = false;
                    if (statusFlag.equalsIgnoreCase("WARN")) {
                        flagMatchFound = Files.lines(filePath).skip(linePointer).filter(s -> !s.isEmpty())
                                .anyMatch(s -> s.contains(yamlData.get("success.keyword").toString()));
                        if (flagMatchFound.equals(true)) {
                            log.warn("Bing server is back to normal");
                            statusFlag = "SUCCESS";
                            sendMail((String) yamlData.get("mail.success.subject"),
                                    (String) yamlData.get("mail.success.body"));
                        }
                    }
                    if (statusFlag.equalsIgnoreCase("SUCCESS")) {
                        flagMatchFound = Files.lines(filePath).skip(linePointer).filter(s -> !s.isEmpty())
                                .anyMatch(s -> s.contains(yamlData.get("error.keyword").toString()));
                        if (flagMatchFound.equals(true)) {
                            log.warn("Problem diagnosed on bing server");
                            statusFlag = "WARN";
                            sendMail((String) yamlData.get("mail.warn.subject"),
                                    (String) yamlData.get("mail.warn.body"));
                        }
                    }
                    linePointer = lineCount;
                    log.debug("Count of lines already processed active file: [" + linePointer + "]");
                }
            }
            watchKey.reset();
        }
    }
    catch(Exception e)
    {
        throw new Exception("Error occoured in trackEvent", e);
    }
    finally {
        watcher.close();
    }
}
相关问题
最新问题