
#1 2011-07-27 07:34:43

iye

Devilish - PyGTK App for monitoring log files realtime.

I want to share with you Devilish

# devilish.py - PyGTK App for monitoring log files realtime. It uses inotify to
# detect file modifications and when an appended line in the log has a string
# you are interested in, it will alert you via your notification daemon and with an icon
# in the tray.

I'm sorry to say that it's full of bugs, I made it initially for personal use, it was never meant to see the light.
I have spent the last few days cleaning up the code and fixing some bugs; there is still a lot of work to do.
I have uploaded it to Github https://github.com/iye/Devilish

Check "config.cfg" and edit the settings there; they are self-explanatory.

EXAMPLE USAGE:
Say you want to know realtime if someone tries to connect to your ssh server
on port 22.
Add this rule to iptables to log incoming connections to port 22 TCP (ssh) :
# iptables -A INPUT -p tcp -m tcp --dport 22 -j LOG --log-prefix "Alert_Port_22"
Now edit config.cfg and in the "filterstrings" line put this:
# filterstrings = "Alert_Port_22", "other_string1", "other_string2"
And set it to monitor your syslog, BE SURE YOU HAVE READ ACCESS TO SYSLOG.
# logfilepath = /var/log/syslog
You will be notified as soon as someone tries to connect to port 22 via the
notification daemon, and the icon in the tray will also change when a line is
detected, just in case you were not at the PC when it happened.

iye

Last edited by iye (2011-08-05 07:50:43)
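
The matching loop described in the post, as an added example that is not taken from Devilish's own code: it polls the file instead of using inotify (an assumption, to stay within the standard library) and handles half-written lines and truncated or rotated logs. `parse_filterstrings`, `LogFollower` and the sample log lines are constructed for illustration.

```python
import csv, os, tempfile

def parse_filterstrings(value):
    # config.cfg style value: "Alert_Port_22", "other_string1"
    row = next(csv.reader([value], skipinitialspace=True))
    return [s.strip() for s in row if s.strip()]

class LogFollower:
    """Polling stand-in for the inotify watch (assumption: stdlib only)."""
    def __init__(self, path, filters):
        self.path, self.filters = path, filters
        st = os.stat(path)
        self.inode, self.offset = st.st_ino, st.st_size  # skip old lines
        self.partial = b""

    def poll(self):
        st = os.stat(self.path)
        if st.st_ino != self.inode or st.st_size < self.offset:
            # Log was rotated or truncated: restart from the beginning.
            self.inode, self.offset, self.partial = st.st_ino, 0, b""
        with open(self.path, "rb") as f:
            f.seek(self.offset)
            data = self.partial + f.read()
            self.offset = f.tell()
        lines = data.split(b"\n")
        self.partial = lines.pop()  # keep an unfinished last line for later
        hits = []
        for raw in lines:
            line = raw.decode("utf-8", "replace")
            match = next((s for s in self.filters if s in line), None)
            if match:
                hits.append((match, line))
        return hits

def demo():
    # Constructed sample lines, not real log data.
    noise = "Jul 27 07:39:58 host cron[812]: job started\n"
    alert = ("Jul 27 07:40:01 host kernel: Alert_Port_22IN=eth0 "
             "SRC=192.0.2.10 DST=192.0.2.1 PROTO=TCP DPT=22 SYN\n")
    filters = parse_filterstrings('"Alert_Port_22", "other_string1"')
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "syslog")
        with open(path, "w") as f:
            f.write(noise)
        follower = LogFollower(path, filters)
        with open(path, "a") as f:
            f.write(noise + alert[:30])  # alert line only half written
        first = follower.poll()
        with open(path, "a") as f:
            f.write(alert[30:])
        return first, follower.poll()
```
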
