Sandeep, You problem seems to be that you want to detect system/kernel messages in "real time", rather than after some delay. /vary/log/messages is indeed the file where log entries go in a normally configured system, but read the explanation that follows:
The Linux logging system, much like the logging systems of most Unix's is queue based - that is, once an application/kernel requests the system/kernel logger to log something, it is not written to the file immediately, but rather stored in a in-memory queue. Only when the system/kernel logger has enough messages in the queue, does it actually commit the entries to the file [/var/log/messages generally]. All of this is done for sake of efficiency - if Unix's wrote everything to the disk every time they had a byte to write, they'd be no better than good old DOS! Anyways, to answer your question, here is what all you can do to peek into the kernel ring buffer: 1) You can repeatedly run "dmesg" through a shell script and grep for the message you're looking for. 2) If you are a 'C' programmer, you can use the syslog() function call to read the ring buffer. - man 2 syslog 3)...Fill in some exotic method here.... I wouldn't recommend any of the above. Your initial problem is detecting whether a network connection is down - what you need to is to more clearly define what being "down" means. Do you mean that the connection is down at a physical level, i.e. the media is down? Or do you want to check for reach - i.e., make sure that traffic is/isn't flowing through the network, even if the network connection is up. For both the cases, you should use specific mechanisms to detect changes. For eg. I think that you should look at rtnetlink sockets and see if they provide a notification for changes. For interfaces running DHCP, something like pump lets you run a script to notify you of important events. Any, finally, if you want to check reach, you could write a shell scripts that continuously pings then intended host ;) Grepping or searching through the system log entries might prove to be *very* in-efficient. Hope this helps ... any more info would qualify as consultancy and I'll charge you for it ;) Regards, Varun Varma, --------------------------------------------- Mindframe Software & Services Pvt. Ltd., A-50, Sector-39, NOIDA, U.P. - 201301, India http://www.mindsw.com --------------------------------------------- ----- Original Message ----- From: "Sandeep Vasishta" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, February 19, 2002 9:28 AM Subject: [ilugd]: Log Messages > Dear Naresh, > Thanks for the prompt reply. There is no such file > /var/adm/messages. Can you pls. explain how can i use syslogd to trap > messages on run time. > > Regds, > Sandeep > > > _________________________________________________________________ > MSN Photos is the easiest way to share and print your photos: > http://photos.msn.com/support/worldwide.aspx > > ================================================ > To subscribe, send email to [EMAIL PROTECTED] with subscribe in subject header > To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject header > Archives are available at http://www.mail-archive.com/ilugd%40wpaa.org > ================================================= > ================================================ To subscribe, send email to [EMAIL PROTECTED] with subscribe in subject header To unsubscribe, send email to [EMAIL PROTECTED] with unsubscribe in subject header Archives are available at http://www.mail-archive.com/ilugd%40wpaa.org =================================================
