Can rsyslog, syslog-ng programs monitor change of file? I want to monitor files and receive the changes made to the file by syslog on server. Thank you.
Asked
Active
Viewed 300 times
-1
-
What type of changes do you want to monitor? – ewwhite Jan 13 '15 at 04:12
-
Lines added on that file etc. – mau5 Jan 13 '15 at 04:14
-
Do you need to see the actual content changed or just a notification that the file changed? – ewwhite Jan 13 '15 at 04:14
-
It was enough clear to be _not_ closed, imho it was closed unfairly. – peterh Jan 13 '15 at 09:27
1 Answers
1
Generally speaking knowing that a syslog file is been written isn't very helpful. It's more lightly that you will be looking for certain entries, e.g root authentication or web access on certain URLs. This kind of monitoring is achieved using a log monitor. Something like Swatch or LogAnalyzer. Both have a will check the syslog for patterns & inform you when a pattern is found.
Hope this was helpful.
Eamonn Travers
- 614
- 4
- 11