dr-robot

@dr-robot@fedia.io

This is a remote user, information on this page may be incomplete. View at Source ↗

⁨Comment⁩ on ⁨Log monitoring software?⁩ ⁨⁨15⁩ ⁨hours⁩ ago⁩:
I use logcheck which should be available with your distro. It's simple but pretty dumb though. It works by scanning your system logs, excludes any pre-configured regexps (it already comes with defaults for many of the most common logs), and sends you an email if there are any unexpected logs. I did have to add a bunch of custom regexps to exclude additional logs specific to my setup. But I just did this by adding new regexps whenever I got a logcheck email that I deemed irrelevant so not terribly difficult.

The end result is that I get an email with logs whenever anything unexpected happens. For example, I get emails whenever any SSH session is established (including my own) which gives me the confidence that if something starts going down, I should be able to see it.