Logcheck keeps track of your logs, emails you when things get suspicious

(written by lawrence krubner, however indented passages are often quotes). You can contact lawrence at: lawrence@krubner.com, or follow me on Twitter.

I only just discovered logcheck, but now I want to use it on all of my servers:

How Logcheck Protects Your Server
It turns out that Logcheck is a pretty simple tool. All it does is periodically check the log files you specify. It filters out the uninteresting parts and emails you what is left. It is smart enough to avoid mailing you the same information multiple times by keeping a “bookmark” for each log file. This way it can only email you newer entries — those have been written after the last log check.

The really valuable part in the Logcheck distribution is its rule database that distinguishes between the interesting and uninteresting log entries. On Ubuntu it is provided in a separate package: logcheck-database and it contains rules for many daemons you could have running on your system: cron, bind, postfix, and whatnot. I like that a lot and I can think about several projects where I can install and use the database in a separate program that analyzes log entries and sends out alerts.

Post external references

1
http://stackful-dev.com/keep-an-eye-on-your-linux-servers-with-logcheck.html

Source

RECENT COMMENTS

January 11, 2022 4:33 am

From Essie on Docker is the dangerous gamble which we will regret

"Once in 1990s, there are popular high performance solution called HPC software, many commercial softwares are ..."

December 17, 2021 7:32 pm

From John Carston on The ethics of being a high level tech consultant (a Fractional CTO)

"It helped when you mentioned that it is important to have a real connection with your consumer. My cousin ment..."

September 2, 2021 7:47 pm

From Mojavedfo on Where PHP regex fails

"55 thousand Greek, 30 thousand Armenian..."

August 7, 2021 9:53 am

From Colin Steele on The ethics of being a high level tech consultant (a Fractional CTO)

"Fantastic essay. Thoughtful, well-constructed, timely and applicable. I think every part-timer in the tech f..."

August 5, 2021 3:02 pm

From Rachiovwn on Where PHP regex fails

"consists of the book itself..."

October 19, 2019 3:08 am

From Bernd Schatz on Object Oriented Programming is an expensive disaster which must end

"I really enjoyed your article. But i can't understand the example with the interface. The example is reall..."

October 4, 2019 8:44 pm

From lawrence on My final post regarding the flaws of Docker / Kubernetes and their eco-system

"Gorgi Kosev, I am working to clean up some of my Packer/Terraform code so I can release it on Github, and then..."

October 4, 2019 5:14 pm

From Gorgi Kosev on My final post regarding the flaws of Docker / Kubernetes and their eco-system

"> Packer, sometimes with some Ansible. The combination of Packer and Terraform typically gives me what I ne..."

October 4, 2019 12:40 pm

From lawrence on My final post regarding the flaws of Docker / Kubernetes and their eco-system

"Gorgi Kosev, about this: "I would love if you could point out which VM based system makes it simpler and..."

October 4, 2019 7:31 am

From Gorgi Kosev on My final post regarding the flaws of Docker / Kubernetes and their eco-system

"I won't list anything concrete that you missed, because that will just give you ammunition to build the next a..."

October 4, 2019 1:39 am

From lawrence on My final post regarding the flaws of Docker / Kubernetes and their eco-system

"Gorgi Kosev, also, I don't think you understand what a "straw man argument" is. This is a definition from Wiki..."

Logcheck keeps track of your logs, emails you when things get suspicious

Post external references

RECENT COMMENTS

NO COMMENTS

Leave a Reply Cancel reply