Log Monitor

Does anyone know of a monitoring utility for logs? I use Nagios Event Log Agent for Windows but I want something for Linux and for logs in general. I found one on Google once but I didn’t bookmark it (fool) and now I can’t find it anymore. I’m sure there are a few options but all I can find is “fetch log” and I thought there might have been a better one.

Thanks for any replies or hints!!

James

Hi,

As each different Linux/Unix version has different logs, the best way to monitor logs is to write your own monitoring script;
you can do it in Perl, Python or sh; it’s quite easy … and moreover, once you can write that, you’ll be able to write any plugin you would need :wink:
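
A small version of the kind of script suggested in the post above, as an added example that is not part of the thread: a Nagios-style plugin in Python that scans only the lines appended since its last run and restarts from the top when the log is rotated or truncated. The regex patterns, the state-file format and the command-line arguments are assumptions made for illustration.

```python
import json, os, re, sys

OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3  # Nagios plugin exit codes
# Constructed example patterns (assumption); tune them to the log being watched.
CRIT_RE = re.compile(r"Failed password for (invalid user )?\S+ from")
WARN_RE = re.compile(r"authentication failure|Invalid user")

def load_state(state_path):
    """Return the saved {inode, offset}, or a fresh state if none is usable."""
    try:
        with open(state_path) as fh:
            return json.load(fh)
    except (OSError, ValueError):
        return {"inode": None, "offset": 0}

def check_log(log_path, state_path):
    """Scan lines appended since the last run; return (exit_code, message)."""
    try:
        st = os.stat(log_path)
    except OSError as exc:
        return UNKNOWN, f"UNKNOWN - cannot stat {log_path}: {exc}"
    state = load_state(state_path)
    # Rotation or truncation: new inode, or file shorter than the saved offset.
    if state["inode"] != st.st_ino or st.st_size < state["offset"]:
        state = {"inode": st.st_ino, "offset": 0}
    crit = warn = 0
    with open(log_path, "rb") as fh:
        fh.seek(state["offset"])
        for raw in fh:
            if not raw.endswith(b"\n"):
                break  # partial line still being written; re-read next run
            line = raw.decode("utf-8", "replace")
            if CRIT_RE.search(line):
                crit += 1
            elif WARN_RE.search(line):
                warn += 1
            state["offset"] += len(raw)
    with open(state_path, "w") as fh:
        json.dump(state, fh)  # remember where this run stopped
    if crit:
        return CRITICAL, f"CRITICAL - {crit} critical, {warn} warning lines"
    if warn:
        return WARNING, f"WARNING - {warn} warning lines"
    return OK, "OK - no new matching lines"

if __name__ == "__main__" and len(sys.argv) == 3:
    code, msg = check_log(sys.argv[1], sys.argv[2])
    print(msg)
    sys.exit(code)
```

Run it with the log path and a writable state-file path as the two arguments; Nagios reads the exit code as the service state and the printed line as the status text.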

Hi Loose,

I’m not opposed to writing my own script. I’ve done it before for other Nagios things, but ya. I don’t really want to write this one if I don’t have to. I’m sure someone else has already done a better job than I will do.

You’re going to want to use either Swatch, or SEC. They are the Linux standards right now for log watching. Swatch is still popular and you’ll find a lot of howto’s for it, but some people have moved to SEC. Look at the features of both to see which you think would work better for your implementation:

SEC (Simple Event Correlator)
estpak.ee/~risto/sec/

Swatch
sourceforge.net/projects/swatch/

Thanks so much for your response. That’s very helpful. I’ll evaluate the two options as you suggested. Thanks!

Hi,
you might want to try check_logfiles consol.com/opensource/nagios/check-logfiles
Gerhard