LogSpy


INSTALL

1. You need to create a named pipe so that the syslog daemon can communicate with the logspy program.
mkfifo /dev/logspy

2. Then edit your syslog.conf file which should be in the /etc directory.
Change this line:
authpriv.* /var/log/secure
To:
authpriv.* |/dev/logspy

3. Edit the logspy.conf file with the rules you want to check for. The conf file needs to be in the /etc directory.
Example:
Fail,mail -s "Logon from $Service Failed" root\@mymail.com < tmpmsg

The conf file is just a CSV file. The first value is the term to search for in the logs. The second is the command to run when that term is found. WARNING: LogSpy runs this command as root, so be careful what you put in this file.
You can use some variables in your command.
tmpmsg – The last message that the log received is written to this file.
$Month – Month of message
$Day – Day of message in numerical format example: 22 or 5
$Time – Time of message example: 13:48:07
$Host – This is the server's host name.
$Service – The name of the service example: sshd

4. Run the program.
logspy.pl &
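
How a rule from step 3 and one syslog line combine into a command, as an added Python example that is not LogSpy's own code. It assumes the traditional syslog line layout, and because the command runs as root it replaces shell-significant characters in log-derived values before substitution; the page does not say how LogSpy itself handles them. The names parse_rules, expand and commands_for are illustrative.

```python
import re

# Assumed traditional syslog layout: "Mon DD HH:MM:SS host service[pid]: text"
SYSLOG_RE = re.compile(
    r"^(?P<Month>[A-Z][a-z]{2})\s+(?P<Day>\d{1,2})\s+(?P<Time>\d\d:\d\d:\d\d)\s+"
    r"(?P<Host>\S+)\s+(?P<Service>[^\s\[:]+)(?:\[\d+\])?:\s*(?P<Text>.*)$"
)
VAR_RE = re.compile(r"\$(Month|Day|Time|Host|Service)\b")
UNSAFE_RE = re.compile(r"[^A-Za-z0-9._:-]")  # anything a shell could interpret

# The rule from the example above, plus two constructed log lines.
CONF = r'Fail,mail -s "Logon from $Service Failed" root\@mymail.com < tmpmsg'
SAMPLE = "Jan 22 13:48:07 web01 sshd[2211]: Failed password for root from 192.0.2.10"
ODD_TAG = "Jan  5 13:48:07 web01 x$(id)[99]: Fail"


def parse_rules(conf_text):
    """Split each line on the first comma only: search term, then the command."""
    rules = []
    for line in conf_text.splitlines():
        if "," in line:
            term, command = line.strip().split(",", 1)
            rules.append((term, command))
    return rules


def expand(command, fields):
    """Fill in variables, replacing shell-significant characters with '_'.

    Quoting is not enough: the variable may sit inside double quotes in the
    rule, where $(...) and backticks are still interpreted.
    """
    return VAR_RE.sub(lambda m: UNSAFE_RE.sub("_", fields[m.group(1)]), command)


def commands_for(line, rules):
    """Return the expanded command for every rule whose term occurs in line."""
    match = SYSLOG_RE.match(line)
    if not match:
        return []
    return [expand(cmd, match.groupdict()) for term, cmd in rules if term in line]


if __name__ == "__main__":
    for log_line in (SAMPLE, ODD_TAG):
        print(commands_for(log_line, parse_rules(CONF)))
```

The log text itself never enters the command line in this rule; it reaches mail through the tmpmsg file on standard input.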