System Files Disappear
In this example, we report if important system files disappear, or their file sizes shrink to zero.
The SystemFileNotExist script might send an alert message like the following:
PIKT ALERT
Mon Feb 25 12:06:05 2002
milan
EMERGENCY:
SystemFileNotExist
Report if system files have disappeared, or been zeroed out
/etc/group not found!
SystemFileNotExist makes reference to the =files_system_obj macro, which resolves to the name of the FilesSystem.obj file. The script follows.
SystemFileNotExist
init
status =piktstatus
level =piktlevel
task "Report if system files have disappeared, or been zeroed out
input file "=files_system_obj"
filter "=egrep -iv 'pikt'" // check PIKT files elsewhere
dat $name 1
keys $name
rule
if -e $name // file exists
if -z $name // file is zero length
set $state = "0"
if $state ne %state
=daily(output mail "$name zero bytes!", )
endif
else
set $state = "+"
endif
else // file does not exist
set $state = "-"
if $state ne %state
=daily(output mail "$name not found!", )
endif
endif
This is just one program example. You could add rules, or write new scripts, for example to: report system files that you don't want (such as startup files), report changes in modification times or link counts, report outdated files that should be updating regularly, report and possibly also rm core files, etc.
For more examples, see Samples.
