Alerttail executes actions when "some text" has been written to a file.
This software tails a file and when a line matches some text pattern alerttail will execute a list of actions defined on it's own configuration file.
Imagine you want to be warned when some text is written to a log file, you could just configure alerttail asking it to notify you with a gtk notify popup.
For example when i start my proftpd server for desktop file sharing i would like to monitor when somebody logs in and downloads a file. To know that i would configure alerttail to analyse /var/log/proftpd/proftpd.log and /var/log/proftpd/xferlog.
Or if i would like to know when somebody execute a "su" command i will configure alerttail to listen to /var/log/auth.log.
Same thing for samba access, kernel , mail, gaim events or any other log file event.
Another interesting scenario is iptables monitoring. If we want to know if a remote host try to direct connect to our box we will ask alerttail to monitor /var/log/messages and alert us with a notify popup with a link to googleMaps for GeoIp Localization
Alerttail is configured via config files.
Each file will define tail match policies.
When it tails a file, each line is parsed by a regular expression agent that will determine if that text line matches a provided text pattern. If it does, it will execute several actions defined by the user.
Each tailed file can have one or more regex parsers and each of those parsers will trigger one or more actions.
Actions can be alerttail built in actions (GTK notify action , geoipLocalization action, filtering text action) or a custom user defined shell command action.
A graphical front end is provided (QT4 no gtk) to help people configuring alerttail core config files.
Alerttail core does not need that graphical front end to work and any non gtk dependencies. |
|
Report a Bug
Listed at 
