Apparently, though unproven, at 22:41 on Monday 22 November 2010, Stroller did opine thusly:
> On 22/11/2010, at 8:29am, Lubos Kolouch wrote: > > Stroller, Fri, 19 Nov 2010 22:06:57 +0000: > >> On 19/11/2010, at 8:45pm, Fatih Tümen wrote: > >>> I just want to beware of anything unusual instantly, preferably by > >>> email. This is a single or two user laptop. > >> > >> I've been meaning for some time to look for something like this myself. > >> I'm personally only interested in messages from the RAID controller, and > >> I'm not sure that I'm a high-risk for intrusion, but I do want to know > >> about it *immediately* if a drive fails, so that ideally I can pop into > >> the store on the way home and pick up a new disk to replace the one that > >> failed. > > > > Seems to me like a use case for nagios > > This makes it appear waaay overkill for my purposes: > http://www.nagios.org/about/screenshots > > All I want is a simple email notification when $string appears in the log. > > I'm actually a little surprised that there isn't a syslogger which can > parse stuff as it writes it out, and thus perform actions, such as > mailing. I'm assuming there isn't, since no-one has mentioned it. > > Stroller. syslog-ng-3.2 with the new patterndb It doesn't do it out of the box, you have to write the pattern match (conceptually similar to a regex) and you have to pipe the output to a script which mails you, but it can be done. Or you could just use OSSEC where *all* the heavy lifting above has been done. -- alan dot mckinnon at gmail dot com
