Logdog is a tool that monitors messages passing through syslogd and takes action based on key words and phrases. Logdog has a configuration file which allows you to specify a list of key words or phrases to alert on, and a list of commands that can be run when those words are encountered. Logdog is licensed under the GPL.
Central Loghost Mini-HOWTO

This page is simply a collection of open source tools you can use to glue together your own centralized (syslog) loghost. Included are example configuration settings so that you can configure your loghost in a manner similar to mine. There is very little that you need to read and understand in order to use these tools. Also, these tools are widely used and therefore easy to get help with on internet mailing lists.

I established a centralized location for syslog collection in order to facilitate:

- Log reporting
  - real time alerting
  - periodic (several times per day) summary reporting
- Log storage
  - long term archival for possible later analysis

Tools used:

- UNIX hosts (Linux and Solaris)
- Modified logcheck script(s)
- Syslog-NG
- Swatch (though I'm slowly moving to SEC; this page will be updated once I've completely switched)
- Splunk for a GUI interface
- Stunnel