Oh, so syslog-ng probally isn't the right tool for the job? I can use these tools to monitor my /var/log/kern ? Also, thanks for all the responses! On Fri, Aug 29, 2008 at 7:36 AM, Jeremiah Heller <jeremiah at itmustbe.com> wrote: > Have you heard of http://www.ossec.net/? > > It would do what you like and more. You configure which logs you want > watched and who should be emailed/texted/paged according to various levels > of criticality. > > I believe you can have it email you for custom log-events; although it will > notice many common failure messages and other anomalies automatically - so > many I haven't needed to modify much. > > I'm not sure if centos provides packages w/ similar functionality or not. > > Jeremiah > > On 29 Aug 2008, at 04:19, Mag Gam wrote: > >> Hello, >> >> I know centos does not use syslog-ng, but I have installed it at my >> university. My intention is if a particular string appears in my >> /var/log/messages I would like to get an email alert. >> >> For example, if i see a message "foo" in /var/log/kern I would like to >> email myself. >> >> Any idea how to do this? Has anyone done this before? >> >> TIA >> _______________________________________________ >> CentOS mailing list >> CentOS at centos.org >> http://lists.centos.org/mailman/listinfo/centos > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos >