[syslog-ng] Emailing log events

fredzy padzy fredzyy at gmail.com
Sat Aug 4 14:13:15 CEST 2007


Hi

I think SEC can do what you're looking for.

Simple Events Correlator is a powerful Perl script which can detect special
logs.

Just have a look at: http://www.estpak.ee/~risto/sec/

After that, you'll have to write your own rules, which is pretty simple.

bye

2007/8/3, Darwin, Samuel <darwins at thirteen.org>:
>
> Hi,
>
> Is there a good way to have syslog-ng email me when particular log
> events occur?
>
> I am running a very standard, default installation of CentOS 5.
>
> Example:
>
> I tried this sort of methodology, but it didn't work:
>
> source net { udp(); };
> destination emailer { program("mail myaddress at yahoo.com"); };
> log { source(net); destination(emailer); };
>
> In this case, I'd expect to be emailed a copy of every single message
> received over udp. However, what happens is that the program "mail
> myaddress at yahoo.com" gets run and appears in the process table, but no
> emails are sent.  The syslog log file shows dropped='program(mail
> myaddress at yahoo.com)=0' , indicating something is being "dropped".
>
> I think that I must be going about this the wrong way. Maybe I can't
> use syslog-ng to send emails?
>
>
> Thanks,
> Sam Darwin
> Thirteen.org
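The `program("mail ...")` destination in the quoted message stays silent because syslog-ng starts the program once and writes every message to its stdin, while `mail` only sends when its input ends. The wrapper below is an added example, not code from either poster or from the syslog-ng project: it mails each matching line separately, with a rate cap because messages arriving over `udp()` are unauthenticated. The install path, the `--run` flag and the `ALERT_*` variable names are assumptions.

```shell
#!/bin/sh
# Added example: wrapper for a syslog-ng program() destination. syslog-ng starts
# the program once and writes each message to its stdin, so a bare "mail" keeps
# waiting for end of input. This loop sends one mail per matching line instead.
# Assumed (not from the thread): the install path, --run flag, ALERT_* names.
#
#   destination emailer { program("/usr/local/bin/mail-alert.sh --run"); };

ALERT_RCPT="${ALERT_RCPT:-root}"        # recipient address
ALERT_MAILER="${ALERT_MAILER:-mail}"    # mail command, overridable for testing
ALERT_PATTERN="${ALERT_PATTERN:-.}"     # ERE selecting lines worth a mail
ALERT_MAX="${ALERT_MAX:-20}"            # cap on mails per 60-second window

send_alerts() {
    sent=0
    window_start=$(date +%s)
    # IFS= and -r keep the line as received (no trimming, no backslash handling)
    while IFS= read -r line; do
        # The line is network-supplied data: it only ever travels over stdin,
        # never through eval or onto a command line.
        printf '%s\n' "$line" | grep -Eq -- "$ALERT_PATTERN" || continue
        now=$(date +%s)
        if [ $((now - window_start)) -ge 60 ]; then
            window_start=$now
            sent=0
        fi
        # A flood of matching messages must not become a flood of mail.
        [ "$sent" -lt "$ALERT_MAX" ] || continue
        printf '%s\n' "$line" | "$ALERT_MAILER" -s "syslog-ng alert" "$ALERT_RCPT"
        sent=$((sent + 1))
    done
}

# Read stdin only when started by syslog-ng with --run.
if [ "${1:-}" = "--run" ]; then
    send_alerts
fi
```

Lines dropped by the rate cap are not queued, so keep a file destination alongside this one for the full record.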