Break down the following bash script?

0

0

I need help breaking down the following bash script, to understand what the author was trying to do. The script is meant to search a log file for data and then compare it to an email log file. Differences between both files are then emailed to 'people'. The script has recently been returning false positives.

cat /Shared\ Items/CIF_FILES/logs/applicants/applicants.log |
grep `date "+%Y:%m:%d"` |
while read line; do grep "`date "+%d/%b/%Y"`" /usr/local/kerio/mailserver/store/logs/mail.log |
grep `echo $line |awk '{print $5}' |rev | cut -c 2-| rev` |
grep -q `echo $line |awk '{print $8}'` || echo $line; done |
mailx -s "Applicants Without Notification For `date "+%d/%b/%Y"`" 'person1@email.com, person2@email.com, person3@email.com'

What I can tell so far...

  1. cat file application.log
  2. pipe cat results and grep Date/Time in format Y:M:D
  3. While doing the above, grep Date/Time in format D:M:Y from mail.log file.
  4. This is where I get mixed up, it looks like it then grep-s again, echo-es the results in a variable, and then uses awk to format the data in a specific way.
  5. It then takes those formatted results and echo-es the data stored in the variable and emails it off to the people who should be notified.

QUESTIONS:

  • Is there a more efficient way to write this script? Pipe seems to be used way too much.
  • If the script is returning false positives, where is the most likely cause of the problem?

Here is a snip of the applicants.log file:

2017:11:26 - 06:03 - Couch, Danny / 100899-Video Production Specialist
2017:11:26 - 09:14 - Brown, Don / 100899-Video Production Specialist
2017:11:26 - 09:32 - Stanford, David / 100916-Creative Services Team Manager

Here is a snip of the mail.log file:

[26/Nov/2017 06:03:44] Recv: Queue-ID: 5a1aada0-000006fa, Service: SMTP, From: <_www@server.thecompany.com>, To: <person1@thecompany.com>, Size: 9571, Sender-Host: mail-sn1nam01lp0119.outbound.protection.outlook.com, SSL: yes, Subject: CIF: 100899-Video Production Specialist: Danny Couch, Msg-Id: <20171126120341.866E12750554@server.thecompany.com>
[26/Nov/2017 06:03:46] Sent: Queue-ID: 5a1aada0-000006fa, Recipient: <person1@thecompany.com>, Result: delivered, Status: 2.0.0 , Remote-Host: 127.0.0.1, Msg-Id: 
[26/Nov/2017 09:14:27] Recv: Queue-ID: 5a1ada53-00000713, Service: SMTP, From: <_www@server.thecompany.com>, To: <person1@thecompany.com>, Size: 9886, Sender-Host: mail-by2nam01lp0181.outbound.protection.outlook.com, SSL: yes, Subject: CIF: 100899-Video Production Specialist: Don Brown, Msg-Id: <20171126151424.6379027519D6@server.thecompany.com>
[26/Nov/2017 09:14:28] Sent: Queue-ID: 5a1ada53-00000713, Recipient: <person1@thecompany.com>, Result: delivered, Status: 2.0.0 , Remote-Host: 127.0.0.1, Msg-Id: <20171126151424.6379027519D6@server.thecompany.com>
[26/Nov/2017 09:32:40] Recv: Queue-ID: 5a1ade98-00000719, Service: SMTP, From: <_www@server.thecompany.com>, To: <person2@thecopmany.com>, Size: 8807, Sender-Host: mail-bn3nam01lp0176.outbound.protection.outlook.com, SSL: yes, Subject: CIF: 100916-Creative Services Team Manager: David Stanford, Msg-Id: <20171126153239.26CF22751A2F@server.thecompany.com>
[26/Nov/2017 09:32:42] Sent: Queue-ID: 5a1ade98-00000719, Recipient: <person2@thecompany.com>, Result: delivered, Status: 2.0.0 , Remote-Host: 127.0.0.1, Msg-Id: <20171126153239.26CF22751A2F@server.thecompany.com>

Here is the resulting email which is sent to the folks in the mail portion end of the script:

Subject: Applicants Without Recruiter Notification For 26/Nov/2017
Message-ID: <20171127055500.7BAF0275617B@thecompany.com>
Date: Sun, 26 Nov 2017 23:55:00 -0600
From: System Administrator <admin@server.thecompany.com>
Return-Path: admin@server.thecompany.com

2017:11:26 - 06:03 - Couch, Danny / 100899-Video Production Specialist
2017:11:26 - 09:14 - Brown, Don / 100899-Video Production Specialist
2017:11:26 - 09:32 - Stanford, David / 100916-Creative Services Team Manager

So the resulting notification (Applications Without Notifications) should only occur when there is an entry in the applicants.log file which does not have a corresponding entry in the mail.log file. So if there was no entry in the mail.log file for David Stanford, the notification would reflect ONLY that the mail server did not receive an email for David Stanford. It would not say that for either Danny Couch or Don Brown because it would find their names in the mail.log file. Instead, the script is generating the notification for all applications, no matter if the mail.log file has a corresponding entry to the applicants.log file.

Macspt

Posted 2017-11-22T21:37:23.643

Reputation: 1

Please review if my editing of your code into a readable form didn't break it; correct if needed. – Kamil Maciorowski – 2017-11-22T21:52:04.787

It would be a great help if you provided (a snippet of) applicants.log and (a snippet of) mail.log along with a resulting text that enters mailx (to verify if we get the same result). Try to make them generate a false positive and tell us where exactly in the final text it is. Assume we don't know the format of logs you use, therefore it's hard to analyze what awk and other tools do to them; unless you give us some snippets, that is. [Edit] your question to add this information. – Kamil Maciorowski – 2017-11-22T22:15:31.020

KM: Here are the snippets you requested. I will take a look at your adjustments and post back. – Macspt – 2017-11-27T19:18:46.073

(1) What is wrong with pipes? A long single line is barely readable, true, but you can split it like I did. (2) I got false positives from your snips because my date "+%b" returns non-English abbreviated name. What are your language settings? Please add the output of printenv | egrep "^LANG|^LC_".

– Kamil Maciorowski – 2017-11-28T06:25:45.093

1. Nothing wrong with the pipes, I am not an expert so I thought I would ask if that's the best way to do it? 2. I checked the server and LANG=en_US.UTF-8 – Macspt – 2017-11-28T20:34:08.223

    Sorry, I cannot reproduce these false positives. When I set LANG=en_US.UTF-8, the output from done is empty. – Kamil Maciorowski – 2017-11-28T22:59:56.457

    Answers

    0

    So I discovered it was not a problem with the script per se. The script was scheduled to run every night using cron under the root account. Access to the mail server's mail.log file was configured to use a private/pub key. The pub key had not been properly copied to the root user's account on the mail server. So, when the script ran it did not have the proper permissions to navigate to the mail.log file. This is what caused the script to fail and generate the false positives, because it could not read the mail.log file to grep the data out of it.

    When you set up a private/pub key access from client to server, make sure you copy the pub key to the appropriate user account that will be running the script. In this case the pub key had been copied to an admin account on the mail server, but not the same account which was running the script from the file server.

    So if BOB will be the account running the script, you should have:

    • /users/bob/.ssh/id_rsa (On the client computer)
    • /users/bob/.ssh/id_rsa.pub (On the server you're trying to access)

    This is for Mac OSX BTW.

    Macspt

    Posted 2017-11-22T21:37:23.643

    Reputation: 1
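The failure mode described in the answer above (an unreadable mail.log makes every applicant look unnotified) can be guarded against in the script itself. The following is an added example, not part of the original post: a POSIX sh version that refuses to report when either log cannot be read, matches names as literal strings with `grep -F`, and pins the locale for `date`. It assumes both logs are reachable as local paths; the function names and the sample log lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not the original script). Function names are illustrative.

# find_unnotified APPLICANTS_LOG MAIL_LOG APP_DATE MAIL_DATE
# Prints applicant lines that have no matching mail.log entry for the day.
# Returns 2, printing nothing on stdout, if either log cannot be read.
find_unnotified() {
    app_log=$1; mail_log=$2; app_date=$3; mail_date=$4
    for f in "$app_log" "$mail_log"; do
        if [ ! -r "$f" ]; then
            echo "ERROR: cannot read $f, no comparison done" >&2
            return 2
        fi
    done
    # Select the day's mail entries once; -F treats the date as a literal string.
    todays_mail=$(grep -F -- "[$mail_date " "$mail_log" || true)
    grep -F -- "$app_date" "$app_log" | while IFS= read -r line; do
        # Field 5 is "Surname," (drop the comma); field 8 is "<id>-<first title word>".
        surname=$(printf '%s\n' "$line" | awk '{sub(/,$/, "", $5); print $5}')
        job=$(printf '%s\n' "$line" | awk '{print $8}')
        printf '%s\n' "$todays_mail" | grep -F -- "$surname" | grep -qF -- "$job" ||
            printf '%s\n' "$line"
    done
}

# make_sample DIR: writes constructed sample logs in the format shown in the post.
make_sample() {
    cat > "$1/applicants.log" <<'EOF'
2017:11:26 - 06:03 - Couch, Danny / 100899-Video Production Specialist
2017:11:26 - 09:32 - Stanford, David / 100916-Creative Services Team Manager
EOF
    cat > "$1/mail.log" <<'EOF'
[26/Nov/2017 06:03:44] Recv: Queue-ID: 0001, Subject: CIF: 100899-Video Production Specialist: Danny Couch
EOF
}

# report DIR: entry point for cron. LC_ALL=C keeps %b as "Nov" regardless of locale.
# Only a successful comparison is passed on; a read failure is reported as such.
report() {
    if out=$(find_unnotified "$1/applicants.log" "$1/mail.log" \
             "$(LC_ALL=C date '+%Y:%m:%d')" "$(LC_ALL=C date '+%d/%b/%Y')"); then
        printf '%s\n' "$out"    # pipe this to mailx in the scheduled job
    else
        echo "comparison skipped: log unreadable" >&2
        return 2
    fi
}
```

With the original pipeline, a failed read of mail.log is indistinguishable from "no notification was sent", so the alert mail lists every applicant; here the same condition produces an error on stderr and a non-zero exit status instead.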