Links:
Alerttail: Alerttail monitors a given file and executes a list of actions when a user-defined text pattern has been written to the file. For example, the user can pop up a GTK notification window when a certain message is written to a log file.
Apache::Logmonster: A tool to collect log files from multiple Apache web servers, split them based on the virtual host, sort the logs into chronological order, and then pipe them into a log file analyzer of your choice (webalizer, http-analyze, AWstats, etc).
ApacheTop: ApacheTop watches a logfile generated by Apache (in standard common or combined logformat, although it doesn't (yet) make use of any of the extra fields in combined) and generates human-parsable output in realtime.
Audiolog: a small tool for analyzing traces or logfiles in real time and producing sound events.
autoabuse: autoabuse monitors the default SuSE Linux firewall log /var/log/messages for incoming port scans on 27374.
Band Saw: a syslog monitoring program for GNOME, designed to help system administrators monitor many computers simultaneously. It runs on the desktop, displaying alerts when important log messages are received.
bars: collects and analyses the statistics of visits of several sites on one physical server. The data is collected from common Apache logs.
Changetrack: logs modifications of a set of files, and allows recovery of the tracked files from any stage of development. The changes are presented in a powerful web-based form, a text file, or an email message.
DULog: DULog is a simple log notifier and parser which runs periodically (hourly or daily, whichever you prefer), looks at your logs, processes some of the entries in order to present them in a more comprehensive format, and then mails you the output.
Fail2ban: Fail2ban monitors log files and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. The software allows easy specification of different actions to be taken, such as banning an IP address using iptables or hostsdeny rules, or simply sending a notification email. It supports many services, and configuration can be easily extended for monitoring any other ASCII file. All filters and actions are given in the configuration files, thus fail2ban can be adapted for use with a variety of files and firewalls.
filewatcher: monitors system files. Changes are archived into an RCS repository and change reports are sent via e-mail.
Geolizer: a patch for Webalizer to generate faster and more reliable geographic statistics than the default DNS suffix method. It uses the GeoIP library to do that. In fact, if you disable DNS reversal on your HTTP server, it will work faster and your stats will be more accurate when processed by the patched Webalizer.
glogwatch: glogwatch allows the monitoring of an arbitrary file, such as /var/log/messages or a SNORT alert file.
glTail.rb: glTail.rb allows you to view real-time traffic, data, and statistics from any log file on any server with SSH, in an intuitive and entertaining way using Ruby, net-ssh, and OpenGL. It includes parsers for Apache Combined, Rails, IIS, Postfix/spamd/clam, Nginx, Squid, PostgreSQL.
Glug: Glug is a shell script program which creates graphs showing log activity for your systems. It is based on the premise that most log messages are only interesting in terms of their frequency.
gwatchlog: Gwatch displays /var/log/messages and /var/log/mail in a small window. It is like kwatch, but is written in C with GTK+. It uses much less memory than kwatch.
iCE Breakers Log Monitor: another x-based log monitor.
ippl: logs IP packets sent to a computer. It runs in the background, and displays information about the incoming packets.
ispacct: ispacct is an accounting package that eats through logfiles from a Bintec router.
Jericho: a Java-based weblogging tool which interfaces with the Blogger and Manila XML-RPC interface.
KDE LogViever: a logfile monitoring tool for KDE 3.2.x that docks into the panel, supporting docking (new!), multiple colors, up to 10 logfiles, filtering via regular expressions and pop-up events when a specific line is added to a monitored logfile.
klogview: klogview is a KDE utility for viewing log files in real time, like tail -f.
kwatch: a port of kwatch to KDE2. Basically it is a tail -f with a graphical KDE2 user interface for watching log files.
LoFiMo: LoFiMo is used to monitor logfiles in real time. The output is presented via a web interface and optionally on the console. Using the web interface it is possible to monitor log files from a remote machine. LoFiMo can be used to colorize the log entries using filters. Filters can also be used to reformat log entries, hide log entries, play sounds or execute commands when certain log entries are read.
Log Toolkit: provides a set of logfile processing tools:
  - Convert from W3C to ELF (extended log format)
  - Convert from Netscape/iPlanet to ELF
  - Strip corrupt logfile lines
  - Sort logfile lines by date
  - Filter lines by URI prefix or result code
Log Watcher: colourizes system logs for easier reading.
log4sh: log4sh is a logging framework for shell scripts that works similarly to the other wonderful logging products available from the Apache Software Foundation (e.g. log4j, log4perl).
logalert: logalert is a logfile monitoring tool which executes a specific action whenever it matches a string (pattern) occurrence. It reads an entire file (or starts at the end, just like tail -f), keeps track of any changes, waiting for a specific pattern (a syslog process error, a user login, ...) and fires an action you define when that happens.
Logapp: Logapp is a wrapper utility that helps supervise the execution of applications that produce heavy console output (e.g. make, CVS, and Subversion).
Logback: Logback is intended as a successor to the popular log4j project, and was designed by log4j's founder, Ceki Gulcu. The basic architecture is sufficiently generic so as to apply under different circumstances. It is divided into three modules. The Core module lays the groundwork for the other two modules. The Classic module can be assimilated to an improved version of log4j. It natively implements the SLF4J API so that you can readily switch back and forth between logback and other logging systems, such as log4j or JDK14 Logging. The Access module integrates with Servlet containers to provide HTTP access log functionality. You can easily build your own modules on top of the Core module.
Logcheck: Logcheck is a simple utility which is designed to allow a system administrator to view the logfiles which are produced upon hosts under their control. It does this by mailing summaries of the logfiles to them, after first filtering out "normal" entries.
Logdigest: Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.
LogDog: LogDog is a daemon for monitoring system log files and emailing administrators.
Logfmon: Logfmon monitors a set of log files and processes messages based on a set of regexps. When a message matches, a command may be executed or the message may be ignored. Messages that are unmatched are batched together and emailed every so often.
LogMiner: LogMiner is a powerful log analysis package for Apache (or other Web servers using the "combined" log format). It can produce detailed reports about visits, hits, traffic, navigation paths, browsers and operating systems used by users, and so on.
LogMon: monitors one or more log files, updating when more data is available ala 'tail -f', within a common terminal window via a
logplex: logplex is a simple application that allows you to multiplex log files together into a single log file which you can then run swatch against.
Logsurfer: Logsurfer is designed to monitor any text-based logfiles on your system in realtime.
logtail: logtail is a logfile download and tailing application. It uses AJAX to update the tail-windows. The AJAX approach transfers only the added lines from a logfile over the wire.
Maillog View: Maillog View is a Webmin module that allows you to easily view all your /var/log/maillog.* files. It features autorefresh, message size indication, ascending/descending view order, compressed file support, and a full statistics page.
paralogger: a Bourne shell script to "tail" your system logs in pseudo transparent borderless Eterm(s).
php-syslog-ng CL: php-syslog-ng is a log monitor designed to let the user quickly and easily manage logs from many hosts.
Prelude Log Monitoring Lackey: the host-based sensor program part of the Prelude Hybrid IDS suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch).
pypty: pypty is a tty logger aimed at heavy script users who like to (or would like to start to) log everything they do on important systems.
Regwatch: a regular expression based logfile watcher in perl. It watches a log file, and executes pre-defined actions based on whether the line matches a regular expression defined in the configuration.
Root-Portal: allows you to log multiple log files into multiple desktop portals or mix them together in any combination with graphical backgrounds, transient backgrounds, shaded backgrounds, filtering and colourising,
shrotate: shrotate is a portable utility for rotation of log files similar to the Red Hat "logrotate" tool. It uses GNU shtool for making the rotation.
Simple Colourized Helpful Logs: a tool that monitors your system log, outputting a formatted and colourized version of it on a Virtual Terminal. It also supports comprehensive program execution based on string, host, or service matches.
since: since is a unix utility similar to tail. Unlike tail, since only shows the lines appended since the last time. It is useful to monitor growing log files.
Snort Monitor: a Qt based GUI snort monitor for Linux/Unix written in C/C++. Currently, it is capable of monitoring multiple snort sensors in a centralized monitor screen.
Snowlog: lets you browse your web server's access log files. It does not generate static HTML status reports but instead shows you all accesses in a list that you can filter, sort and search easily. It's a console application and is meant to run on the server via ssh.
squidview: an interactive console program which monitors squid logs and displays them in a nice fashion. It has searching and reporting functions, giving information like per user bandwidth and cache hits.
swatch: started out as the "simple watchdog" for actively monitoring log files produced by UNIX's syslog facility. It has since been evolving into a utility that can monitor just about any type of log.
Tail Server: Tail server allows you to export the output of a "tail -f" command of a log file to a TCP port, allowing it to be viewed remotely with telnet. It provides a regular expression filter to include or exclude output view.
Tailbeep: opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it.
tcptrace: tcptrace is a tool designed for analysis of TCP dump files.
tenshi: tenshi is a log monitoring program, designed to watch a log file for lines matching user defined regular expressions and report on the matches. The regular expressions are assigned to queues which have an alert interval and a list of mail recipients.
Timbersee: monitors logfiles for important messages, can watch more than one logfile at a time, and does not fork off extra processes.
ttywatch: ttywatch monitors, logs, and multiplexes terminal I/O. It has full log rotation built in, and can use telnet as well as local TTY ports.
unalog: a universal logging architecture for people that logs events at any interface between man and machine.
wap54g-log: wap54g-log is a simple log viewer for Linksys WAP54G (and possibly other) Wireless Access Points. The log viewer listens on a port (default the syslog port; UDP 514) for log packets from the router and dumps them to syslog, screen or file.
webreport: webreport is a web log statistics reporting program especially designed for virtual web hosting sites.
weedlog: a packet logger meant for two purposes. The first being to help diagnose networking problems by reviewing all packet information except the actual data they are carrying. The second being to kill time and boredom as both are evil.
WOTS: a tool for monitoring logging output from multiple sources, and then generating actions and reports based on what is found in these logs.
Xlogmaster: an X program for monitoring log files.
xsysguard: xsysguard is a resource-friendly system monitor based on Imlib2. The main features include a powerful configuration file format, full alpha channel support, configurable widgets, and many data sources implemented as modules.
YaketyStats: YaketyStats is a tool for gathering and graphing statistics about your Unix/Linux systems. It has an intuitive, AJAX-powered Web interface for graphing data. Graphs are built on the fly, can contain stats from multiple systems, and include "Google Maps"-like dragging. YaketyStats is easy to install, maintain, and extend. It supports Firefox and is built on Perl, PHP, and RRDtool.