Alerttail monitors a given file and executes a list of actions when a user-defined text pattern has been written to the file. For example, the user can pop up a GTK notification window when a certain message is written to a log file.
A tool to collect log files from multiple Apache web servers, split them based on the virtual host, sort the logs into cronological order, and then pipe them into a log file analyzer of your choice (webalizer, http-analyze, AWstats, etc).
ApacheTop watches a logfile generated by Apache (in standard common or combined logformat, although it doesn't (yet) make use of any of the extra fields in combined) and generates human-parsable output in realtime.
Audiolog is a small tool for analyzing traces or logfiles in real time and producing sound events.
autoabuse monitors the default SuSE Linux firewall log /var/log/messages vor incoming port scans on 27374.
a syslog monitoring program for GNOME, desgined to help system administrators monitor many computers simultaneously. It runs on the desktop, displaying alerts when important log messages are received
collects and analyses the statistics of visits of several sites on one physical server. The data is collected from common Apache logs
logs modifications of a set of files, and allows recovery of the tracked files from any stage of development. The changes are presented in a powerful web-based form, a text file, or an email message
DULog is a simple log notifier and parser which runs periodically (hourly or daily, whichever you prefer), looks at your logs, processes some of the entries in order to present them in a more comprehensive format, and then mails you the output.
Fail2ban monitors log files and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. The software allows easy specification of different actions to be taken such as to ban an IP address using iptables or hostsdeny rules, or simply to send a notification email. It supports many services, and configuration can be easily extended for monitoring any other ASCII file. All filters and actions are given in the configuration files, thus fail2ban can be adopted to be used with a variety of files and firewalls.
Fido is a multi-threaded file watch utility. It can be configured to look for multiple things inside multiple files. When it matches a user-defined pattern, fido runs a user-defined command.
monitors system files. Changes are archived into an RCS repository and change reports are sent via e-mail
Forkstat is a program that logs process fork(), exec() and exit() activity. It is useful for monitoring system behaviour and to track down rogue processes that are spawning off processes and potentially abusing the system.
a patch for Webalizer to generate faster and more reliable geographic statistics than using default DNS suffix method. It uses GeoIP library to do that. In fact, if you disable DNS reversal on your HTTP server, it will work faster and your stats get more accuracy when processed by patched Webalizer
glogwatch allows the monitoring of an arbitrary file, such as /var/log/messages or a SNORT alert file.
glTail.rb allows you to view real-time traffic, data, and statistics from any log file on any server with SSH, in an intuitive and entertaining way using Ruby, net-ssh, and OpenGL. It includes parsers for Apache Combined, Rails, IIS, Postfix/spamd/clam), Nginx, Squid, PostgreSQL.
Glug is a shell script program which creates graphs showing log activity for your systems. It is based on the premise that most log messages are only interesting in terms of their frequency.
Gwatch displays /var/log/messages and /var/log/mail in a small window. It is like kwatch, but is written in C with GTK+. It uses much less memory than kwatch.
iCE Breakers Log Monitor
another x-based log monitor
logs IP packets sent to a computer. It runs in the background, and displays information about the incoming packets.
ispacct is an accounting package that eats through logfile from a Bintec router.
a logfile monitoring tool for KDE 3.2.x that docks into the panel, supporting docking (new!), multiple colors, up to 10 logfiles, filtering via regular expressions and pop-up events when a specific line is added to a monitored logfile
klogview is a KDE utility for viewing log files in real time, like tail -f.
KSystemLog is a system log viewer tool for KDE 4. Read more
The Logfile Navigator, lnav for short, is a curses-based tool for viewing and analyzing log files. The value added by lnav over text viewers / editors is that it takes advantage of any semantic information that can be gleaned from the log file, such as timestamps and log levels. Read more
LoFiMo is used to monitor logfiles in real time. The output is presented via a web interface and optionally on the console. Using the web interface it is possible to monitor log files from a remote machine. LoFiMo can be used to colorize the log entries using filters. filters can also be used to reformat log entries, hide log entries or play sounds or execute commands when certain log entries are read.
provides a set of logfile processing tools: - Convert from W3C to ELF (extended log format) - Convert from Netscape/iPlanet to ELF - Strip corrupt logfile lines - Sort logfile lines by date - Filter lines by URI prefix or result code
colourizing a system logs for easier reading
log4sh is a logging framework for shell scripts that works similar to the other wonderful logging products available from the Apache Software Foundation (eg. log4j, log4perl).
log_analysis is a log file analysis engine that extracts relevant data for any of the recognised log messages and produces a summary that is much easier to read.
logalert is a logfile monitoring tool which executes a specific action whenever it matches a string (pattern) occurrence. It reads an entire file (or starts at the end, just like tail -f), keeps track of any changes, waiting for a specific pattern (a syslog process error, a user login, ...) and fires an action you define when that happens.
Logapp is a wrapper utility that helps supervise the execution of applications that produce heavy console output (e.g. make, CVS, and Subversion).
Logback is intended as a successor to the popular log4j project, and was designed by log4j's founder, Ceki Gulcu. The basic architecture is sufficiently generic so as to apply under different circumstances. It is divided into three modules. The Core module lays the groundwork for the other two modules. The Classic module can be assimilated to an improved version of log4j. It natively implements the SLF4J API so that you can readily switch back and forth between logback and other logging systems, such as log4j or JDK14 Logging. The Access module integrates with Servlet containers to provide HTTP access log functionality. You can easily build your own modules on top of the Core module.
Logcheck is a simple utility which is designed to allow a system administrator to view the logfiles which are produced upon hosts under their control. It does this by mailing summaries of the logfiles to them, after first filtering out "normal" entries.
Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.
LogDog is a daemon for monitoring system log files and emailing administrators.
Logfmon monitors a set of log files and processes messages based on a set of regexps. When a message matches, a command may be executed or the message may be ignored. Messages that are unmatched are batched together and emailed every so often.
LogMiner is a powerful log analysis package for Apache (or other Web servers using the "combined" log format). It can produce detailed reports about visits, hits, traffic, navigation paths, browsers and operating systems used by users, and so on.
logplex is a simple application that allows you to multiplex logs files together into a single log file which you can then run swatch against.
Logsurfer is designed to monitor any text-based logfiles on your system in realtime.
logtail is a logfile download and tailing application. It uses AJAX to update the tail-windows. The AJAX approach transfers only the added lines from a logfile over the wire.
Maillog View is a Webmin module that allows you to easily view all your /var/log/maillog.* files. It features autorefresh, message size indication, ascending/descending view order, compressed file support, and a full statistics page.
MultiTail lets you view one or multiple files like the original tail program. The difference is that it creates multiple windows on your console (with ncurses). Merging of 2 or even more logfiles is possible. It can also use colors while displaying the logfiles (through regular expressions), for faster recognition of what is important and what not. Read more
nxlog is a modular, multi-threaded, high-performance log management solution with multi-platform support.
PacStats is an application that generates statistical charts about ArchLinux pacman activity
a Bourne shell script to "tail" your system logs in pseudo transparent borderless Eterm(s)
php-syslog-ng is a log monitor designed to let the user quickly and easily manage logs from many hosts.
plog is a Python application logging package, consists of both a system log server that parses system log data and log file to system log converter.
Prelude Log Monitoring Lackey
Prelude Log Monitoring Lackey is the host-based sensor program part of the Prelude Hybrid IDS suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch).
Pyama is a system and network monitoring application for desktop Linux users.
pypty is a tty logger aimed at heavy script users who like to (or would like to start to) log everything they do on important systems.
a regular expression based logfile watcher in perl. It watches a log file, and executes pre-defined actions based on whether the line matches a regular expression defined in the configuration
allows you to log multiple log files into multiple desktop portals or mix them together in any combination with graphical backgrounds, transient backgrounds, shaded backgrounds, filtering and colourising,
shrotate is a portable utility for rotation of log files similar to the Red Hat "logrotate" tool. It uses GNU shtool for making the rotation.
since is a unix utility similar to tail. Unlike tail, since only shows the lines appended since the last time. It is useful to monitor growing log files.
a Qt based GUI snort monitor for Linux/Unix written in C/C++. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen
Snowlog lets you browse your web server's access log files. It does not generate static HTML status reports but instead shows you all accesses in a list that you can filter, sort and search easily. It's a console application and supposed to run on the server via ssh.
an interactive console program which monitors squid logs and displays them in a nice fashion. It has searching and reporting functions, giving information like per user bandwidth and cache hits
swatch started out as the "simple watchdog" for activly monitoring log files produced by UNIX's syslog facility. It has since been evolving into a utility that can monitor just about any type of log. Read more
System Log Viewer
System Log Viewer is a graphical, menu-driven viewer to view and monitor system logs. System Log Viewer comes with a few functions that can help you manage your logs, including a log monitor and log statistics display. Read more
Tail server allows you to export the output of a "tail -f" command of a log file to a TCP port, allowing it to be viewed remotely with telnet. It provides a regular expression filter to include or exclude output view.
opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it
tcptrace is a tool designed for analysis of TCP dump files. Read more
tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expression and report on the matches. The regular expressions are assigned to
queues which have an alert interval and a list of mail recipients
Timbersee monitors logfiles for important messages, can watch more than one logfile at a time, and does not fork off extra processes.
ttywatch monitors, logs, and multiplexes terminal I/O. It has full log rotation built in, and can use telnet as well as local TTY ports.
unalog is a universal logging architecture for people that logs events at any interface between man and machine.
wap54g-log is a simple log viewer for Linksys WAP54G (and possibly other) Wireless Access Points. The log viewer listens on a port (default the syslog port; UDP 514) for log packets from the router and dumps them to syslog, screen or file.
webreport is a web log statistics reporting program especially designed for virtual web hosting sites.
weedlog is a packet logger ment for two purposes. The first being to help diagnose networking problems by reviewing all packet information except the actual data they are carrying. The second being to kill time and boredum as both are evil.
WOTS is a tool for monitoring logging output from multiple sources, and then generating actions and reports based on what is found in these logs.
Xlogmaster is software that lets you monitor everything that is going on on your system effortlessly. This software can monitor an almost infinite number of logfiles and all devices. Read more
xsysguard is a resource-friendly system monitor based on Imlib2. The main features include a powerful configuration file format, full alpha channel support, configurable widgets, and many data sources implemented as modules.
YaketyStats is a tool for gathering and graphing statistics about your Unix/Linux systems. It has an intuitive, AJAX-powered Web interface for graphing data. Graphs are built on the fly, can contain stats from multiple systems, and include "Google Maps"-like dragging. YaketyStats is easy to install, maintain, and extend. It supports Firefox and is built on Perl, PHP, and RRDtool.