"Fossies" - the Fresh Open Source Software Archive 
Member "lmon-1.2/README" (19 May 2005, 5199 Bytes) of package /linux/privat/old/lmon-1.2.tgz:
As a special service "Fossies" has tried to format the requested text file into HTML format (style:
standard) with prefixed line numbers.
Alternatively you can here
view or
download the uninterpreted source code file.
1 DESCRIPTION
2 ===========
3
4 LMon is a package for near real-time monitoring of logs, sending e-mail
5 alerts upon known (rule hits) or unknown data (rule misses).
6
7 Features:
8
9 - Buffer multiple rule hits within a given interval, cap at a given maximum
10 number of lines, wait for a given interval before sending next alert.
11
12 - Auto-discovery of log rotation.
13
14 - Simplicity. LMon can run from the command line without configuration, or
15 be controlled from a central configuration file with multiple instances
16 monitoring different log files/sending alerts to different people. It is very
17 much intended to be simple (Keep It Simple, Stupid).
18
19 USAGE
20 =====
21
22 To monitor individual logs from the command line, run lmon.pl. Start it without
23 arguments to see what options are possible. You may want to edit configuration
24 defaults in it. A rule file is a text file containing Perl regexps to look for
25 in the log file. Use # in the beginning of eventual comments, blank lines are
26 also ignored. Be careful not to insert apparently blank lines with whitespace,
27 if you don't want to monitor whitespace. You can start a line with ! to perform
28 an inverted match.
29
30 To control the startup/shutdown of lmon in several instances, use control.pl.
31 That script can be linked up as a rc.d/init.d start, but if you want to run log
32 monitoring as a different user, see the lmon.init example startup script. To
33 see possible options/keywords for control.pl, start it without arguments.
34 Reasons for running lmon.pl in several instances can be to monitor different
35 log files (lmon can only one log file), to send alerts to different mail
36 addresses (only one set of mail addresses per lmon), and/or to use different
37 rule files or other options. The configuration file, control.cfg, will be
38 looked for in the same directory as control.pl. The format of it is divided
39 into sections enclosed in [], where each section is one instance of lmon. The
40 name general is special, it will set global defaults.
41
42 Valid options for general and per instance (all optional):
43
44 sysname= (pretend alert was sent from this system, useful for FreeBSD jails
45 when monitoring outside them)
46
47 mode=include (set this to alert on rule hits, anything else for misses -
48 default is to alert on rule misses)
49
50 from= (mail address to send alerts from)
51
52 to= (mail addresses to send alerts to)
53
54 mailservers= (smtp servers, alerts will be sent through one of them directly)
55
56 buffer=<max lines to buffer> (cap rule hits when exceeding this limit)
57
58 pid=<pid file> (default is <instance name>.pid in LMon's directory)
59
60 Required instance options:
61
62 log=<log file> (log file to monitor)
63
64 Optional instance options:
65
66 rules=<rule file> (rule file with regexps to look for, default is
67 <instance name>.rules in LMon's directory)
68
69 name=<log name> (mention log as this log name in alerts)
70
71 You may want to have a look in the examples directory for sample control.cfg
72 and rule files.
73
74 For the command line option/keyword listings from the programs, [] means
75 something that is optional, () is an explanation, and <> is a required option
76 within that context. Do not include them, substitute with what you want
77 instead. For the command line, if you want to use spaces/whitespace in an
78 option, enclose it in "". In control.cfg, do not enclose options in "", use
79 whitespace as needed but keep it on one line.
80
81 NB: Without adjusting $LMon::lines, lmon will only discover new log lines.
82
83 REQUIREMENTS
84 ============
85
86 Perl 5 is required. Also, lmon.pl needs Mail::Sendmail and File-Tail, and
87 control.pl needs Config::IniFiles. Download Perl from www.perl.org, and Perl
88 modules from www.cpan.org.
89
90 Target platforms are initially FreeBSD, Solaris and Linux. Other platforms
91 may be supported upon request and/or feedback. Particularly the control.pl
92 script may need modifications for other operating systems because of its
93 picky usage of ps.
94
95 You may need to set the path for the Perl programs, if it does not exist as
96 /usr/bin/perl.
97
98 HISTORY
99 =======
100
101 2004-12-29: Initial version released.
102
103 2005-04-18: Version 1.1
104
105 - Add possibility to set mail servers from the command line for lmon.pl, and
106 from control.cfg.
107 - Bug fix: improve checks for running processes (use getuid instead of
108 getlogin to determine which users processes to look for, remove leading
109 blankspace from ps output, assume perl.* process name, not just perl).
110 - Add posibility to use ! in the start of a rule, to invert the match(ing).
111
112 2005-04-18: Version 1.1a
113
114 Correct silly subject typo.
115
116 2005-05-19: Version 1.2
117
118 - Misc. bugfixes for control.pl: fix pidfile filename taint problem and -i
119 option not working with status and stop commands.
120 - Add validation of rules (regexp correctness) to lmon.pl at startup, exit
121 with details about the errors if there are any. Make control.pl print this
122 information also. Without this validation, lmon could start but exit once
123 there is new data in the monitored logfile.
124 - Add detach option for lmon.pl. Default is to run in the foreground.
125
126 LICENSE
127 =======
128
129 See the file LICENSE.
130
131 AUTHOR/HOMEPAGE
132 ===============
133
134 Anders Nordby <anders@bsdconsulting.no>
135
136 URL: http://www.bsdconsulting.no/tools/
137
138 You are hereby encouraged to send any modifications/improvements, tips or
139 feedback back to the author.