Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Abraham_Mathai1
Participant

Automate Log copy to external SFTP

Hi Team,
 
I want to create a automated script for my customer to copy all the log file from Smart Event server to an external storage due to space crunch. once after the data is copied the files to be deleted from Event server. I am not a scripter so share the most information you can.
----------------------
 
#!/bin/bash
 
#Find log files inside the /var/log directory that are at least three months old and store those files in a #text file.
find $FWDIR/log/ -name "2021*" -type f -mtime +5 2> /dev/null > log_files_to_transfer.txt
 
#Send all of the files found to the remote log server via sftp.
for file in log_files_to_transfer.txt; do
echo put $file | sftp -b- test@10.10.18.1:/
done
 
#Find log files inside the /var/log directory that are at least three months old and delete them.
find $FWDIR/log/ -name "2021*" -type f -mtime +5 2> /dev/null -exec rm -f {} \;
exit 0
--------------------------
 
This script is not working for SFTP. Could someone help me to fix this. If anyone has any other script to achieve the same job please share.
0 Kudos
2 Replies
_Val_
Admin
Admin

I do not see the password sent to sftp auth in the script. 

0 Kudos
masher
Employee
Employee

When I ran the script, it doesn't read from the log_files_to_transfer.txt. My example below uses a SSH key for authentication to the remote host. Without the ssh key, then there's no method for authentication with SFTP.

#!/bin/bash

#Find log files inside the /var/log directory that are at least three months old and store those files in a #text file.
find $FWDIR/log/ -name "2021*" -type f -mtime +5 2> /dev/null > log_files_to_transfer.txt

#Send all of the files found to the remote log server via sftp.
for file in `cat log_files_to_transfer.txt`
do
echo put $file | sftp -b- -i /home/admin/.ssh/SSHKEY <user>@<ip>:<directory>
done

If you're running it from a cronjob, then the script won't understand the $FWDIR environment variable and it will need to be sourced first. This can be added above your first find statement.

source /tmp/.CPprofile.sh

I didn't test the log removal section of your script. I would consider using the built-in log storage management functionality that can be found in SmartConsole rather than scripting the removal of log files. The copy script can be referenced to run before log deletion.

- https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...