My original query:
> We are running an application here, UNIKiX actually, that every month
> or so gives us fits with mysterious failures. The problems are typically
> logged in its runtime log, but we don't pay close enough attention to
> it.
> So, I'm imagining a log monitor facility that will watch the log for us
> and report anything that isn't normal. This sort of implies that you need
> to tell it what is normal so that it can report what isn't normal. It
> should basically learn by asking if a message is ok or not and keeping
> track of it so that next time it won't report it.
>
> It seems to me I can write something like this in a few days, but
> before I jumped into it, I wanted to see if others know of an existing
> product or something similar.

I got four responses. I haven't had a chance to check them all out yet, but here they are. Thanks to all.

scoates_at_resourcepartner.com
I am using a PERL script called wots for monitoring logs. Try checking at
http://www.cpan.org; you will find several log monitoring scripts.

Kenneth Forward [kforward_at_morgan.ucs.mun.ca]
Try swatch -
ftp://ftp.stanford.edu/general/security-tools/swatch/

System Prestidigitator [BOLSON_at_frango.hs.washington.edu]
I am using a simple script called "logcheck" which I downloaded from:
ftp://coast.cs.purdue.edu/pub/tools/unix/logcheck/

Jorgen Pehrson [jp_at_spektr.eu.org]
Take a look at http://www.psionic.com/abacus/logcheck. It does exactly
what you want. I've been running it for over a year on a quite busy server
and it works perfectly. I'm running it every 15 minutes and it mails me
any suspicious log entries.

Received on Fri Dec 17 1999 - 16:40:19 NZDT
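
The monitor described in the original query (report every message not yet marked as normal, and remember each answer so it is not reported again), as an added example that is not part of the thread and not the code of wots, swatch or logcheck. The normalisation rules, the names template and LogMonitor, and the sample log lines are assumptions constructed for illustration.

```python
import re

# Assumed normalisation rules: variable fields are masked so that one
# approved message covers every later occurrence of the same kind.
_RULES = [
    (re.compile(r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} "), ""),  # leading timestamp
    (re.compile(r"\b0x[0-9a-fA-F]+\b"), "<HEX>"),                # addresses
    (re.compile(r"\b\d+\b"), "<N>"),                             # pids, counters
]

def template(line):
    """Reduce a log line to a template with its variable fields masked."""
    line = line.strip()
    for pattern, repl in _RULES:
        line = pattern.sub(repl, line)
    return line

class LogMonitor:
    def __init__(self, normal=()):
        self.normal = set(normal)  # templates already approved as normal

    def unknown(self, lines):
        """Return (template, count, first example) per unapproved template."""
        seen = {}
        for line in lines:
            t = template(line)
            if not t or t in self.normal:
                continue
            count, first = seen.get(t, (0, line.strip()))
            seen[t] = (count + 1, first)
        return [(t, c, ex) for t, (c, ex) in seen.items()]

    def review(self, lines, is_ok):
        """Ask is_ok(example) once per unknown template. Approved templates
        are remembered; rejected ones are returned as the report."""
        report = []
        for t, count, example in self.unknown(lines):
            if is_ok(example):
                self.normal.add(t)
            else:
                report.append((t, count, example))
        return report

# Constructed sample lines (not real UNIKiX output).
SAMPLE = [
    "1999-12-17 16:00:01 region started pid 4121",
    "1999-12-17 16:00:05 transaction 17 committed",
    "1999-12-17 16:03:12 transaction 18 committed",
    "1999-12-17 16:04:40 shared memory attach failed at 0x7f3a00",
]
```

Writing the normal set to a file between runs carries the approvals forward; is_ok can be an interactive prompt or, for an unattended run, a function that rejects everything so that all unknown messages are mailed.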