Efficient Real Time Monitoring for Syslog Messages

About Logdog
Logdog is a tool that monitors messages passing through syslogd and takes action based on key words and phrases. Logdog has a configuration file which allows you to specify a list of key words or phrases to alert on, and a list of commands that can be run when those words are encountered.
Logdog is licensed under the GPL.

If you operate a production environment and need a 100% guarantee that your "alert" commands (paging, emailing, etc.) are successfully executed, please look at Alert Manager, which can verify the success or failure of every command it runs and take appropriate action.

Feature List:

  • Monitors syslogd messages for key words and phrases and runs system commands based on content.
  • Logs all activity to a file.
  • HUP signal is intercepted correctly and causes Logdog to reload its configuration and refresh all filehandles.
  • Reads data from syslogd via a FIFO for efficiency and low latency alerts.
  • Script returns error status to the system when an error occurs.
  • Verbose and descriptive error messages if something goes wrong.
  • Multiple debugging levels.
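
The mechanism in the feature list (read syslogd output from a FIFO, match key words, run a command) can be sketched as follows. This is an added example, not Logdog's own code: the rule format, the FIFO path and the alert command paths are assumptions, since the page does not show Logdog's configuration syntax.

```python
import os
import stat
import subprocess

# Constructed rules: (key phrase, command argv). Not Logdog's config format.
# page-admin and mail-oncall are hypothetical alert commands.
RULES = [
    ("authentication failure", ["/usr/local/bin/page-admin"]),
    ("segfault", ["/usr/local/bin/mail-oncall"]),
]

def match_rules(line, rules=RULES):
    """Return the argv of every rule whose key phrase occurs in the line."""
    lowered = line.lower()
    return [argv for phrase, argv in rules if phrase.lower() in lowered]

def run_alert(argv, line):
    """Run one alert command with the log line on stdin; return its exit status."""
    # Syslog text is attacker-influenced (usernames, hostnames, request data),
    # so it is never put on a command line or passed through a shell.
    return subprocess.run(argv, input=line.encode(), timeout=30, check=False).returncode

def handle_stream(stream, rules=RULES, runner=run_alert):
    """Process every line of an open stream; return the number of alerts fired."""
    fired = 0
    for raw in stream:
        line = raw.rstrip("\n")
        for argv in match_rules(line, rules):
            runner(argv, line)
            fired += 1
    return fired

def monitor(fifo_path, rules=RULES, runner=run_alert):
    """Read a syslogd FIFO forever, reopening it whenever the writer closes."""
    if not stat.S_ISFIFO(os.stat(fifo_path).st_mode):
        raise ValueError(f"{fifo_path} is not a FIFO")
    while True:
        # open() blocks until syslogd opens the write end; EOF means it closed it.
        with open(fifo_path, "r", errors="replace") as fifo:
            handle_stream(fifo, rules, runner)

if __name__ == "__main__":
    monitor("/var/run/logdog.fifo")  # assumed path that syslogd is configured to write to
```

Create the FIFO with mode 0600 and a trusted owner, so that only syslogd can write lines that trigger alert commands.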


Official Release: logdog-v2.00-RC5.tar.gz   (15kb Dec 3rd, 2003)   Changelog   Screen Shot

Command Line Options
Logdog has the following command line options:
[Image: Logdog command line options]

1. Extract the file: "tar -zxvf logdog-vXXXX.tar.gz"
2. Go into the newly created directory: "cd logdog-vXXXX"
3. Run "make install" (WARNING: this will overwrite /etc/logdog.conf if it already exists!)
4. Follow the onscreen instructions. You can start logdog as simply as running "/usr/local/sbin/ -d"
To verify it's working correctly, you can send syslogd a message with this script. You will also want to watch logdog's log file: /var/log/logdog

Kevin Cox has submitted directions for using Logdog with Snort.

Download Previous Releases

Version 2.00
logdog-v2.00-RC5.tar.gz   (15kb Dec 3rd, 2003)
logdog-v2.00-RC4.tar.gz   (14kb Nov 21st, 2003)
logdog-v2.00-RC3.tar.gz   (13kb Jun 6th, 2003)
logdog-v2.00-RC2.tar.gz   (11kb Sep 25th, 2002)
logdog-v2.00-RC1.tar.gz   (11kb Sep 6th, 2002)


