Alerttail monitors a given file and executes a list of actions when a user-defined text pattern has been written to the file. For example, the user can pop up a GTK notification window when a certain message is written to a log file.
A tool to collect log files from multiple Apache web servers, split them based on the virtual host, sort the logs into chronological order, and then pipe them into a log file analyzer of your choice (webalizer, http-analyze, AWstats, etc).
ApacheTop watches a logfile generated by Apache (in standard common or combined logformat, although it doesn't (yet) make use of any of the extra fields in combined) and generates human-parsable output in realtime.
Audiolog is a small tool for analyzing traces or logfiles in real time and producing sound events.
autoabuse monitors the default SuSE Linux firewall log /var/log/messages for incoming port scans on 27374.
a syslog monitoring program for GNOME, designed to help system administrators monitor many computers simultaneously. It runs on the desktop, displaying alerts when important log messages are received
collects and analyses the statistics of visits of several sites on one physical server. The data is collected from common Apache logs
logs modifications of a set of files, and allows recovery of the tracked files from any stage of development. The changes are presented in a powerful web-based form, a text file, or an email message
DULog is a simple log notifier and parser which runs periodically (hourly or daily, whichever you prefer), looks at your logs, processes some of the entries in order to present them in a more comprehensive format, and then mails you the output.
Fail2ban monitors log files and temporarily or persistently bans failure-prone addresses by updating existing firewall rules. The software allows easy specification of different actions to be taken, such as banning an IP address using iptables or hosts.deny rules, or simply sending a notification email. It supports many services, and configuration can be easily extended for monitoring any other ASCII file. All filters and actions are given in the configuration files, thus fail2ban can be adapted to be used with a variety of files and firewalls.
Fido is a multi-threaded file watch utility. It can be configured to look for multiple things inside multiple files. When it matches a user-defined pattern, fido runs a user-defined command.
monitors system files. Changes are archived into an RCS repository and change reports are sent via e-mail
a patch for Webalizer to generate faster and more reliable geographic statistics than the default DNS suffix method. It uses the GeoIP library to do that. In fact, if you disable DNS reversal on your HTTP server, it will work faster and your stats will be more accurate when processed by the patched Webalizer
glogwatch allows the monitoring of an arbitrary file, such as /var/log/messages or a SNORT alert file.
glTail.rb allows you to view real-time traffic, data, and statistics from any log file on any server with SSH, in an intuitive and entertaining way using Ruby, net-ssh, and OpenGL. It includes parsers for Apache Combined, Rails, IIS, Postfix/spamd/clam, Nginx, Squid, PostgreSQL.
Glug is a shell script program which creates graphs showing log activity for your systems. It is based on the premise that most log messages are only interesting in terms of their frequency.
Gwatch displays /var/log/messages and /var/log/mail in a small window. It is like kwatch, but is written in C with GTK+. It uses much less memory than kwatch.
iCE Breakers Log Monitor
another x-based log monitor
logs IP packets sent to a computer. It runs in the background, and displays information about the incoming packets.
ispacct is an accounting package that eats through logfiles from a Bintec router.
a Java-based weblogging tool which interfaces with the Blogger and Manila XML-RPC interface
a logfile monitoring tool for KDE 3.2.x that docks into the panel, supporting docking (new!), multiple colors, up to 10 logfiles, filtering via regular expressions and pop-up events when a specific line is added to a monitored logfile
klogview is a KDE utility for viewing log files in real time, like tail -f.
KSystemLog is a system log viewer tool for KDE 4.
a port of kwatch to KDE2. Basically it is a tail -f with a graphical KDE2 user interface for watching log files
The Logfile Navigator, lnav for short, is a curses-based tool for viewing and analyzing log files. The value added by lnav over text viewers / editors is that it takes advantage of any semantic information that can be gleaned from the log file, such as timestamps and log levels.
LoFiMo is used to monitor logfiles in real time. The output is presented via a web interface and optionally on the console. Using the web interface it is possible to monitor log files from a remote machine. LoFiMo can be used to colorize the log entries using filters. Filters can also be used to reformat log entries, hide log entries or play sounds or execute commands when certain log entries are read.
provides a set of logfile processing tools: convert from W3C to ELF (extended log format); convert from Netscape/iPlanet to ELF; strip corrupt logfile lines; sort logfile lines by date; filter lines by URI prefix or result code
colourizes system logs for easier reading
log4sh is a logging framework for shell scripts that works similarly to the other wonderful logging products available from the Apache Software Foundation (e.g. log4j, log4perl).
log_analysis is a log file analysis engine that extracts relevant data for any of the recognised log messages and produces a summary that is much easier to read.
logalert is a logfile monitoring tool which executes a specific action whenever it matches a string (pattern) occurrence. It reads an entire file (or starts at the end, just like tail -f), keeps track of any changes, waiting for a specific pattern (a syslog process error, a user login, ...) and fires an action you define when that happens.
Logapp is a wrapper utility that helps supervise the execution of applications that produce heavy console output (e.g. make, CVS, and Subversion).
Logback is intended as a successor to the popular log4j project, and was designed by log4j's founder, Ceki Gulcu. The basic architecture is sufficiently generic so as to apply under different circumstances. It is divided into three modules. The Core module lays the groundwork for the other two modules. The Classic module can be assimilated to an improved version of log4j. It natively implements the SLF4J API so that you can readily switch back and forth between logback and other logging systems, such as log4j or JDK14 Logging. The Access module integrates with Servlet containers to provide HTTP access log functionality. You can easily build your own modules on top of the Core module.
Logcheck is a simple utility which is designed to allow a system administrator to view the logfiles which are produced upon hosts under their control. It does this by mailing summaries of the logfiles to them, after first filtering out "normal" entries.
Logdigest mails interesting lines from log files to the system administrator. Non-relevant lines are filtered out by customizable regular expressions. Logdigest comes with a set of such regexps to provide a good starting point.
LogDog is a daemon for monitoring system log files and emailing administrators.
Logfmon monitors a set of log files and processes messages based on a set of regexps. When a message matches, a command may be executed or the message may be ignored. Messages that are unmatched are batched together and emailed every so often.
LogMiner is a powerful log analysis package for Apache (or other Web servers using the "combined" log format). It can produce detailed reports about visits, hits, traffic, navigation paths, browsers and operating systems used by users, and so on.
logplex is a simple application that allows you to multiplex log files together into a single log file which you can then run swatch against.
Logsurfer is designed to monitor any text-based logfiles on your system in realtime.
logtail is a logfile download and tailing application. It uses AJAX to update the tail-windows. The AJAX approach transfers only the added lines from a logfile over the wire.
Maillog View is a Webmin module that allows you to easily view all your /var/log/maillog.* files. It features autorefresh, message size indication, ascending/descending view order, compressed file support, and a full statistics page.
MultiTail lets you view one or multiple files like the original tail program. The difference is that it creates multiple windows on your console (with ncurses). Merging of 2 or even more logfiles is possible. It can also use colors while displaying the logfiles (through regular expressions), for faster recognition of what is important and what is not.
nxlog is a modular, multi-threaded, high-performance log management solution with multi-platform support.
PacStats is an application that generates statistical charts about ArchLinux pacman activity
a Bourne shell script to "tail" your system logs in pseudo transparent borderless Eterm(s)
php-syslog-ng is a log monitor designed to let the user quickly and easily manage logs from many hosts.
plog is a Python application logging package consisting of both a system log server that parses system log data and a log file to system log converter.
Prelude Log Monitoring Lackey
Prelude Log Monitoring Lackey is the host-based sensor program part of the Prelude Hybrid IDS suite. It can act as a centralized log collector for local or remote systems, or as a simple log analyzer (such as swatch).