2

I would like to search for Error/Fatal logs in various log files (12) and to get some sort of alert (mail) in case of the event.

I have tested ChainSaw - Only supports log4j and has no alert feature

Splunk - Free version does not have alert feature

Scribe - Roll out time will be a bit higher. Default logging of Log4j & Python has mail alert feature but I would like to keep my configuration in one place instead of lying around in different files

My other option is to write a program that reads all the log files, searches for the regex, and on a match takes the necessary action, but I would like to know if there is already an open-source tool available for that.

raman2887

1 Answer

0

If the logs you want to monitor are on just one host, you can use Cron or Nagios.

If they're on multiple hosts, use Nagios.

Nagios has a pretty advanced plugin that allows you to monitor logs however you want.

(Example)

To monitor several logs in a directory:

logrobot autoblz /var/log 60m '.' 'ERROR' 1 2 log_mon -ndfoundn

To monitor a single log file:

logrobot autoblz /var/log/syslog 60m '.' 'ERROR' 1 2 syslog_monitor -ndfoundn

user99187
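A sketch of the "write a program" option from the question, in a form that can run from cron as the answer suggests. This is an added example, not code from either post and not part of logrobot or Nagios. The ERROR/FATAL pattern, the warn/crit thresholds, the state-file argument and the localhost mail addresses are assumptions.

```python
import json, os, re, smtplib, sys
from email.message import EmailMessage
PATTERN = re.compile(r"\b(ERROR|FATAL)\b")  # assumed severity keywords

def scan(path, state):
    """Return matching lines added to path since the offset saved in state."""
    st = os.stat(path)
    prev = state.get(path, {})
    offset = prev.get("offset", 0)
    if prev.get("inode") != st.st_ino or st.st_size < offset:
        offset = 0  # rotated (new inode) or truncated: start over
    hits = []
    with open(path, "rb") as fh:
        fh.seek(offset)
        for raw in fh:
            if not raw.endswith(b"\n"):
                break  # partial line still being written; read it next run
            offset += len(raw)
            line = raw.decode("utf-8", "replace").rstrip("\r\n")
            if PATTERN.search(line):
                # Log content is untrusted: drop control characters, cap length.
                hits.append("".join(c for c in line if c.isprintable())[:300])
    state[path] = {"inode": st.st_ino, "offset": offset}
    return hits

def check(paths, state_file, warn=1, crit=2):
    """Scan every path; return (Nagios-style status 0/1/2, {path: hits})."""
    state = {}
    if os.path.exists(state_file):
        with open(state_file) as fh:
            state = json.load(fh)
    found = {p: h for p in paths if (h := scan(p, state))}
    with open(state_file, "w") as fh:
        json.dump(state, fh)
    total = sum(len(h) for h in found.values())
    return (2 if total >= crit else 1 if total >= warn else 0), found

def build_alert(found, sender, recipient):
    msg = EmailMessage()
    msg["From"], msg["To"] = sender, recipient
    msg["Subject"] = f"{sum(map(len, found.values()))} ERROR/FATAL log lines"
    msg.set_content("\n".join(f"{p}: {l}" for p, hits in found.items() for l in hits))
    return msg

if __name__ == "__main__":  # usage: script STATE_FILE LOG [LOG ...]
    status, found = check(sys.argv[2:], sys.argv[1])
    if found:  # assumption: a local MTA accepts mail on localhost:25
        with smtplib.SMTP("localhost") as s:
            s.send_message(build_alert(found, "logwatch@localhost", "root@localhost"))
    sys.exit(status)
```

Because offsets are kept per file in the state file, each cron run reports only lines written since the previous run, so one event produces one mail.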