SEC is not as complex to set up as the tutorial makes it look. I'd give it an afternoon, and I almost guarantee you'll have a working setup by the end of the day.
Potentially http://logcheck.org or logwatch could be the tool you want. I haven't dug in with either in a while... m. > On Nov 4, 2013, at 9:28 AM, James R Grinter <j...@watching.org> wrote: > > I'm looking for a Unix log monitoring script that is functional and > straightforward to configure. > > (I've just wasted an afternoon with the latest version of 'swatch' that I can > find, from April 2013. Its configuration seems so brittle and hard to debug > and I don't really have the time to dig deeper into its byzantine "create a > Perl script on the fly" behaviour to understand why my attempt at a simple > configuration generates errors like [sh: -c: line 0: unexpected EOF while > looking for matching `"']) > > I have a number of different log files each which may report different things > of interest to me, so I'm ideally looking for a tool that can be configured > with multiple configuration files (e.g. one per log file). But I don't really > want to have to manage many different services/running daemons in order to do > that (SEC - Simple Event Correlator - may be able to do this, but the online > tutorial makes configuring it look very complicated.) > > I'm not really looking for a tool as complex and powerful as Splunk or > greylog, either. Something that can watch a log file, match a pattern, and > execute a command is all I need right now. > > James. > _______________________________________________ > Tech mailing list > Tech@lists.lopsa.org > https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech > This list provided by the League of Professional System Administrators > http://lopsa.org/ _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
