[syslog-ng] Emailing log events
Nate Campi
nate at campin.net
Mon Aug 6 02:15:14 CEST 2007
On Sat, Aug 04, 2007 at 02:13:15PM +0200, fredzy padzy wrote:
>
> I think SEC can do what you're looking for.
>
> Simple Events Correlator is a powerful perl script which can detect special
> logs.
>
> Just have a look at :http://www.estpak.ee/~risto/sec/
>
> after that, you'l have to write your own rules which is pretty simple
SEC works out really well for me. I have it notify people via email of
expiring LDAP passwords, email things being logged in the monitoring
system, submit monitoring alerts for things found in the logs, and even
reach out and fix problems (using cfrun from cfengine).
Pipe directly into it from syslog-ng like I show here:
http://www.campin.net/newlogcheck.html#sec
--
Nate
"COFFEE.EXE missing. Insert cup and press any key." -Anon.
More information about the syslog-ng
mailing list