tail_mail is a simple log watcher daemon. It checks the log files that you want, for the string patterns which you define in the config file, and send information messages by e-mail. New Feature: Added in 2004.07.26 You may run any command(s) also. Config file structure: ---------------------- - Any empty line is ignored. - Any line which begins with a # is ignored. string pattern to match Subject for that pattern|xxx@mailservername.yyy.com anothter pattern Another subject|mmmm@mailservername.nnnn.com You should write your mailserver name in your e-mail address. Since I've used the fnmatch() function, you may use shell wildcard patterns. Patterns are case insensitive. If a pattern begins with a ^, when the pattern is found do not send notification for that match. Example config file (for switch syslog messages): ------------------------------------------------ *incorrect port* Security Error|idsadmin@netm.sabanciuniv.edu| #Telnet connection *telnet* Telnet Connection|idsadmin@netm.sabanciuniv.edu| #When eth0 link is broken, e100 module sends a message to syslog (/var/log/messages) *eth0*Down* eth0 is down, route changed to eth1 !|netadmin@netm.sabanciuniv.edu|route add default dev eth1;route del default dev eth0 # Ignore lines if they contain the pattern after ^ # Do send notification for LINK-3-UPDOWN's ^*LINK-3-UPDOWN* nomail|nomail@nomail| # You have to write something like above, for this line. # Catch all * Default_CATOS|idsadmin@netm.sabanciuniv.edu You should use different instances of the program for different log files. Usage: ---------- tail_mail -c config_file1 -f log_file1 tail_mail -c config_file2 -f log_file2 tail_mail informs you twice a day at 8 am and 4 pm that it works by sending two e-mails. You may change these values in the main.c file. Compile Informations: ---------------------- Please change the values in src/main.c below like you want: #define SMTPHOST "localhost" #define FROM "Dikkat@sabanciuniv.edu" #define OKSUBJECT "tail_mail OK" #define CONFIGFILE "/etc/tail-mail.conf" <-- default config file name #define TIME1 8 <-- Time to send the message: "tail_mail is running normally" and info about it's config file #define TIME2 16 <-- Time to send the message: "tail_mail is running normally" and info about it's config file #define LOGFACILITY LOG_LOCAL1 <-- For syslog daemon; DO NOT USE LOG_USER tail_mail uses the simple libraries below, you have to install them before compiling: - libsmtp from Kevin http://libsmtp.berlios.de I added a new function, which forks the e-mailing process, into this library, so you have to use this version (I've sent this update to Kevin). - libdosya_okuma (my small library for reading the config file) Both of these libraries are included in source tree. tail_mail sends some messages to syslog daemon with facility local1, In order to see outputs, you should have something like below on your syslog.conf file: local1.* -/var/log/localmessages Please, as usual, send bugs, suggestions: Ali BASEL