Hello, I know centos does not use syslog-ng, but I have installed it at my university. My intention is if a particular string appears in my /var/log/messages I would like to get an email alert. For example, if i see a message "foo" in /var/log/kern I would like to email myself. Any idea how to do this? Has anyone done this before? TIA
On 2008-08-29 13:19, Mag Gam wrote:> I know centos does not use syslog-ng, but I have installed it at my > university. My intention is if a particular string appears in my > /var/log/messages I would like to get an email alert. > > For example, if i see a message "foo" in /var/log/kern I would like to > email myself.I use "monit" for that (and other things). Easy to setup, very reliable. Available from rpmforge: yum --enable=rpmforge install monit -- Paul Bijnens, xplanation Technology Services Tel +32 16 397.511 Technologielaan 21 bus 2, B-3001 Leuven, BELGIUM Fax +32 16 397.512 http://www.xplanation.com/ email: Paul.Bijnens at xplanation.com *********************************************************************** * I think I've got the hang of it now: exit, ^D, ^C, ^\, ^Z, ^Q, ^^, * * F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, * * stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt, abort, hangup, * * PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e, kill -1 $$, shutdown, * * init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... * * ... "Are you sure?" ... YES ... Phew ... I'm out * ***********************************************************************
Have you heard of http://www.ossec.net/? It would do what you like and more. You configure which logs you want watched and who should be emailed/texted/paged according to various levels of criticality. I believe you can have it email you for custom log-events; although it will notice many common failure messages and other anomalies automatically - so many I haven't needed to modify much. I'm not sure if centos provides packages w/ similar functionality or not. Jeremiah On 29 Aug 2008, at 04:19, Mag Gam wrote:> Hello, > > I know centos does not use syslog-ng, but I have installed it at my > university. My intention is if a particular string appears in my > /var/log/messages I would like to get an email alert. > > For example, if i see a message "foo" in /var/log/kern I would like to > email myself. > > Any idea how to do this? Has anyone done this before? > > TIA > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos
Mag Gam wrote:> Hello, > > I know centos does not use syslog-ng, but I have installed it at my > university.Consider rsyslog ?
On 8/29/08, Mag Gam <magawake at gmail.com> wrote:> Hello, > > I know centos does not use syslog-ng, but I have installed it at my > university. My intention is if a particular string appears in my > /var/log/messages I would like to get an email alert.Check out SWATCH: http://swatch.sourceforge.net/ Best, -at