Monitor Multiple Patterns

Trend Log Activities

OutOfMemory errors

Graphing log Files

Live Log Monitor

Alert on Log Inactivity

Monitor Log File Growth

Linux Log Monitoring - Monitor logs - All log files; Monitor UNIX/Linux Logs - Automate Log Analysis - Monitor Application Logs, Database Logs, System Logs, Custom Logs, Any log file on Any UNIX system:  If you have multiple different logs to monitor on several local and remote hosts, don't panic.  logXray is designed and built specifically for that purpose.  logXray simplifies all tasks related to the monitoring of UNIX log files and it does so conveniently and in a centralized fashion, all for an affordable ONE-TIME fee of just $109.95.  Unlike other log monitoring tools, logXray does not require its users to tamper with any of their existing system configuration files in order to get it to work.  It just works!  logXray monitors log files unobtrusively and provides a wealth of information for users without any complicated procedures!

There are many log monitoring screenshots on this page and each one of them tells a story, a unique one that no other log monitoring tool can tell.  Every single one of these images gives an idea of the level of effort that has gone into making logXray the most dynamic and robust log monitoring tool there is out in the UNIX world.  These screenshots also show some of the many different ways logXray helps users monitor and graph log files painlessly on hundreds and even thousands of hosts using Nagios, Zabbix, Zenoss, Graphite, Cacti or other Monitoring Applications.  If you do not wish to integrate logXray with other applications, no worries.  logXray is easily configured to run either as a Plugin or as its own Standalone Log Monitoring System.  Alert notifications on all monitored log files will be sent via emails and/or traps, depending on user preference.  Free support is included (contact us for live assistance or to submit custom development requests for company specific features...at no additional cost!)

Generate Live Log Monitoring Graphs on Existing/New Log Checks...all with a simple ONE liner! No complex coding, No complicated configuration file changes!

Aggregate Multiple log file Graphs into ONE - Utilize logs to Visualize Application, System & Database Health - Analyze security related events with a simple Glance!

Simplified Log Monitoring / Reporting, Log Analysis, Alerting & Graphing for just $109.95

(fully featured, 5 log monitoring tools in ONE - Use as a plugin, standalone, or as a monitoring system)

One Time Fee, No Recurring Monthly / Yearly Payments, No complex/time-consuming configurations

24 / 7 Support Included...FREE ; Contact us for Assistance / Customized Development Requests!

Why is LoGrobot the Log Monitoring Tool for you?

Monitor Logs, Alert, Graph, Analyze!

( Log Monitoring made Easy on Linux, HP-UX, AIX & SunOS )

ADVANCED LOG MONITORING & ALERTING, Monitor Log files with great efficiency, Tail logs in Time Frames (no more random tailing of lines), Graph and Analyze Any Log on UNIX / LINUX SYSTEMS. Never write another log monitoring script again!  logXray works on all log files regardless of Log Type, Log Format or Log Size - Built to handle all log monitoring requirements no matter how comprehensive, all for an affordable one time fee - No recurring payments!

logXray: Monitor, Alert, Analyze & Graph Log Files

 

  

Apache Log Monitoring

Simplified Log Monitoring:  logXray is a High Performance, Versatile and Robust Log Monitoring solution designed and built to alert on any UNIX log, generate reports on past log alerts, automatically and painlessly graph any log file metric (# of error patterns, # log entries, log size, log update times & much more), intelligently tail logs (view log data in time frames), perform automated analysis.  For the sake of even more simplicity, logXray can be utilized from both the command line and a Web interface. Minimizes typing - Point & Click!

What We Do:  LogRobot provides Reliable, Efficient and Convenient ways of monitoring logs on UNIX Systems. It ensures Prompt and Accurate notifications on all active log checks and grants users the ability to generate professional excel spreadsheets / reports on past log related events. Additionally, logrobot (alternatively known as logXray) can be configured to fire off notifications whenever anomalies are detected in monitored logs and automatically generates log monitoring graphs for every measurable log related metric.  With LoGrobot, users are provided the ability to view vital information such as the historical volume of entries being logged to a file, the frequency of error patterns being logged, the rate at which a log file gets updated and much more!

State of Monitored Log

Log Entr(ies) Not Found

Show Errors Found in Log

Monitor Large Log Files

Monitor Dynamic Log Files

Alert when Log Not found

Alert on Log Time Stamp

Trend day-to-day overall log behavior / activities

Monitoring & Graphing Apache / HTTP Status Codes


logXray Customer Support / Feedback

Avoid complicated, expensive & unfocused log monitoring tools, Use logXray on as many UNIX hosts as needed - Monitor an unlimited number of logs

Increase availability of all servers, services & applications - Monitor System Logs, Analyze Application Logs;  Predict Impending Disasters!

Increase awareness to network infrastructure problems with fast detection of outages, Get Alerts on All log entries indicating failed or crashed processes

Strengthen Security with an Automated Scanning of All Security Logs, Remove the manual aspect of tediously checking log files

Monitor, Graph, Report, Analyze & Alert On All Log Files On Any UNIX Host:

Java, HTTP, Apache, Tomcat;catalina.out, Splunk, Mysql, Oracle, Postfix, Log4j, Mail, Weblogic, Glassfish, System Logs, Custom logs and much more!

Cacti Screenshots:  Graph the occurrence or lack of occurrence of keywords / patterns - Trend log characteristics for easy isolation of abnormal activity!

        

To graph log files, you can use logXray with either Cacti or Graphite.  In the above Cacti graphs, logXray is used to scan a unique log file on 4 different hosts at 5 minute intervals.  The particular log being scanned is an application log which is being written to several hundred times a minute. LogXray scrapes the application log every 5 minutes and pulls out all entries written to it within that time frame.  From the 5 minutes' worth of data retrieved after scanning, logXray graphs the number of new entries it finds containing the user-specified strings "hostname.*SUCCESS" or "hostname.*FAILURE" ("hostname" = name of a server).  NOTE:  If using Graphite (see below), graphs for all monitored log files are automatically generated and updated without any time consuming configuration on your part.  Also, logs can be polled and graphed as frequently as you desire...every 30s? 1 minute....

Automatically Send Log File Data to Graphite Directly from the Monitoring Server - Setup Checks in Nagios, Crontab or Any Application, see them in Graphite

 

Who needs logrobot?

 

Download logrobot if you wish to:

  • Monitor unlimited logs from any application, database or system, hassle-free!

  • Utilize ONE tool for all your log monitoring, alerting and graphing needs!

  • Scan log files via time frames - Advanced tailing

    • Pull out last x number of minutes worth of data from a log file

      • Eliminate the random grabbing of information (ex. tail -100)

        • This capability allows you to view logs in time frames i.e.

          • -- show entries logged within the last 2 hours

          • -- show entries logged within the last 10 minutes

          • -- show entries logged x days ago...etc

  • Implement a log monitoring solution that does not require installing nonnative modules

    • If you wish to avoid tinkering with system files, this is the tool for you!

  • Monitor any log file regardless of size, date and/or time format

  • Monitor multiple log files without any complex time consuming configurations

  • Utilize an automated tool that is configured and ready to go right out of the box

  • Use Nagios / Zabbix / Zenoss / Graphite or CRON to manage all Log Monitoring Tasks

  • Have a Support Team ready to assist you with any technical issues (OR)

    • Be able to submit custom development requests

      • Avoid having to write haphazard scripts yourself!

  • Generate automatic Excel Reports on the alert history of all log checks

  • Utilize a robust log monitor which is maintained regularly and proven to work!

    • And reliable enough for use in production environments

  • Analyze Logs: Get Notified when unfamiliar entries or unusual behavior are detected

  • Get alerts when critical logs stop receiving content after a specific period of time

    • Easily monitor the update times / timestamps of important log files

      • Ensure they are never stale

  • Spend as little time as humanly possible configuring and installing a tool

    • logXray autoinstalls / autoconfigures itself - Ensures a stress free day to day usage!

    • Download it today, start using it to monitor and alert on logs almost immediately!

  • Scan logs for specific entries and exclude a list of special patterns from the result

  • Get information, in each alert, on how long ago a particular pattern was last found

  • Automatically scan and detect log file type and format without user intervention

  • Get notified via email of all events related to your log of choice on any host


Professional Consultation for Log File Monitoring

 

If you prefer to have our Support team set up log monitoring checks for you on all UNIX systems in your environment, contact us for a quote.

 

The complete log monitoring setup will include:

  • Automated installation of the latest version of the NAGIOS CORE Application on any host you wish to have it on (must be running Linux)

    • Default Nagios Plugins are included with the Install

  • Automated Installation of the latest version of the Cacti Graphing Application on any host of your choice (must also be running Linux)

    • Plugins will be included with the install - which means, you will not have to worry about learning how to install them

  • Automated Installation of the latest version of the Graphite Application on any host of your choice (must also be running Ubuntu)

    • Plugins will be included with the install - which means, you will not have to worry about learning how to install them (this is already included with purchase)

  • Log monitoring for any log file you wish to monitor, as long as it resides on a UNIX system, or on an NFS drive (for windows users)

    • Customized log checks - If you wish to have a specific type of log file monitored in a specific way, this too, can be accommodated.

  • Generate Microsoft Excel Reports on the alert history of your log checks

  • 24 / 7 Support for the maintenance of the configured log checks

    • Maintenance Involves:

      • Requests for changes/additions to the LOGROBOT code for company specific customization purposes

      • Frequent updates and/or upgrades to the latest version of LOGROBOT, whenever available

 

Reasons for Professional Log Monitoring Consultation

 

Professional consultation (or outsourcing) is NOT necessary in most cases.  This is because the installation of LoGrobot/logXray is automated and its usage is very simple to understand.  You DO NOT have to be an experienced UNIX user to get this log monitoring tool up and running.  You only need to follow the basic instructions provided with it.  The few commands you will need to run are simplistic in nature and do not require any technical sophistication.  This means, unlike other tools, there isn't a lengthy manual for you to read.  All the hard work you would have had to do is already programmed into the install script.  All you have to do is run it.

While professional consultation may not be necessary in most cases, there is a variety of reasons some may still wish to delegate the task of monitoring logs to an outside entity.  Whatever the reasons may be, if you need help configuring log checks on any of your UNIX hosts, we will handle it for you.  We are specialized in this particular area and have in our arsenal an enormous collection of automated tools that will execute, on a large scale, a wide range of tasks.  If this option is of interest to you, feel free to Contact Us.

 


Monitoring & Analyzing Log Files (the easy way)

Whenever strange events start to occur on a UNIX System, logXray can be depended upon to help identify the source of the problem through scanning of system logs. In the example below, you can immediately pinpoint when the issues began by simply checking the figures that look the most unusual.

Take a look at the data to the bottom left and right of this column. If you're an Administrator, imagine this scenario.  A very important server in your network goes down.  This server is your responsibility. What do you do?

First, you need to gather information as to WHY it went down.  This is a question your boss will be asking you and you must be ready with a definitive answer.  In addition to the why, you also need to answer for WHEN the system went down.

All this sounds relatively simple enough.  But if you work in a stressful environment, it is in your best interest to have these answers ready as soon as possible instead of having to tell your boss to "hold on while I investigate".

logXray helps users zone in FAST on application, system and database issues directly from the command line, without mandating them to read complicated and lengthy instruction manuals.  Unlike other tools, logXray has a massive built-in data-bank of real-world examples which ensures all users have realistic samples to model their own checks after.

Running logXray as a log analysis tool on a system log file (or a supported log), as depicted below, will help identify the specific time periods of the database, system or application issue(s) that you are trying to get to the bottom of.

Now, after you have identified the time period(s), if you wanted to scan the log file and OUTPUT to your screen all entries that were written to it during the time identified, you can pass the date & time to logXray as the two search strings:

 

Example:  'Aug 11'  and  ' 06:'   (or)   'Aug 11 06:' and '.'

Search String1 = 'Aug 11'

Search String2 = ' 06:'  ---->  Hour of day in UTC/GMT

This will show you all entries that were written to the log on "Aug 11" during the "06" hour.  You can then view or scan those entries to see if any are of interest to you.

 

Analyze Log Files Minute by Minute or Hour by Hour

 

If you wish to quickly identify, from your logs, what time period an issue occurred, logrobot can accomplish that for you effortlessly.

 

The options to use are "-exceldm" and "-exceldh". These two options are designed specifically for minute by minute or hour by hour analysis.

As of right now, this feature is only available for log files that have a date format similar to that of the typical /var/log/messages file (i.e. maillog), and also Apache Access logs.

 

 

EXAMPLE 1:

 

If you wanted to find out how many instances of your search patterns occurred each hour for the last 1 day, examine the below.

 

The very first line of the output here tells us that there are 2551 instances of the occurrence "CRITICAL" at the 6:00 hour.

 

[root@nagios-master ]# logrobot /var/log/messages 1d  analyze 'CRITICAL'

frq=2551,zsc=4.60967,asc=[Aug-11-(06)]
frq=999,zsc=0.899289,asc=[Aug-11-(00)]
frq=646,zsc=0.0553688,asc=[Aug-11-(07)]
frq=623,zsc=0.000382513,asc=[Aug-11-(05)]
frq=585,zsc=-0.0904644,asc=[Aug-11-(04)]
frq=560,zsc=-0.150232,asc=[Aug-11-(03)]
frq=547,zsc=-0.181311,asc=[Aug-11-(21)]
frq=543,zsc=-0.190874,asc=[Aug-11-(09)]
frq=542,zsc=-0.193265,asc=[Aug-11-(19)]
frq=540,zsc=-0.198046,asc=[Aug-11-(14)]
frq=539,zsc=-0.200437,asc=[Aug-11-(08)]
frq=537,zsc=-0.205218,asc=[Aug-11-(15)]
frq=537,zsc=-0.205218,asc=[Aug-11-(02)]
frq=534,zsc=-0.212391,asc=[Aug-11-(17)]
frq=534,zsc=-0.212391,asc=[Aug-11-(10)]
frq=533,zsc=-0.214781,asc=[Aug-11-(18)]
frq=532,zsc=-0.217172,asc=[Aug-11-(20)]
frq=531,zsc=-0.219563,asc=[Aug-11-(13)]
frq=531,zsc=-0.219563,asc=[Aug-11-(11)]
frq=530,zsc=-0.221953,asc=[Aug-11-(16)]
frq=527,zsc=-0.229126,asc=[Aug-10-(23)]
frq=526,zsc=-0.231516,asc=[Aug-11-(12)]
frq=524,zsc=-0.236298,asc=[Aug-11-(01)]
frq=497,zsc=-0.300847,asc=[Aug-10-(22)]
frq=23,zsc=-1.43404,asc=[Aug-11-(22)]
Sat Aug 11 22:03:55 UTC 2012
[root@nagios-master ]#
[root@nagios-master ]#
[root@nagios-master ]#

 

Understanding the purpose of Log Analysis

 

Log Analysis is a term often used inaccurately and lumped incorrectly with various other log monitoring duties.  In actuality, Log Analysis encompasses a functionality that is quite different from the typical monitoring of logs.

 

The most basic purpose of Log Analysis is to automatically, without much human intervention, identify issues and threats, based on observed anomalies. 

 

True Log Analysis is automated. It alleviates the responsibility of having to figure out (through trial and error) the proper alert thresholds to assign to log checks.

What is the most common function of Automated Log Analysis?

Sometimes, it isn't much of an issue if a few errors are spotted in a monitored log. In such cases, it may be preferable to application developers, system administrators or database administrators for alerts to be generated only when the frequency of the "errors" is identified to be abnormal or unusual.

 

LoGRobot is equipped with a mathematical mechanism that watches for this.

 

If you're not sure of how many errors indicate a serious application, system, database or network issue, it is recommended you put logrobot's "analysis" option to use.

 

See the documentation for more information, or contact support
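
The `zsc` values in the EXAMPLE 1 output are consistent with a population z-score of the hourly counts (mean 622.84 over the 25 buckets), which the added example below reproduces. It is not logrobot's own code: whether the tool computes the score this way internally is an assumption, as are the function names, the 3.0 alert threshold and the constructed sample log lines.

```python
import re
from collections import Counter
from statistics import mean, pstdev

# Leading syslog-style timestamp, e.g. "Aug 11 06:15:02 host ..."
SYSLOG_TS = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2})\s+(\d{2}):\d{2}:\d{2}\s")

# Hourly counts copied from the frq= / asc= fields of the EXAMPLE 1 output.
PAGE_FRQ = {
    "Aug-11-(06)": 2551, "Aug-11-(00)": 999, "Aug-11-(07)": 646,
    "Aug-11-(05)": 623, "Aug-11-(04)": 585, "Aug-11-(03)": 560,
    "Aug-11-(21)": 547, "Aug-11-(09)": 543, "Aug-11-(19)": 542,
    "Aug-11-(14)": 540, "Aug-11-(08)": 539, "Aug-11-(15)": 537,
    "Aug-11-(02)": 537, "Aug-11-(17)": 534, "Aug-11-(10)": 534,
    "Aug-11-(18)": 533, "Aug-11-(20)": 532, "Aug-11-(13)": 531,
    "Aug-11-(11)": 531, "Aug-11-(16)": 530, "Aug-10-(23)": 527,
    "Aug-11-(12)": 526, "Aug-11-(01)": 524, "Aug-10-(22)": 497,
    "Aug-11-(22)": 23,
}

# Constructed sample lines (not from the page) for the bucketing step.
SAMPLE_LINES = [
    "Aug 11 06:00:01 nagios-master app: CRITICAL disk latency",
    "Aug 11 06:30:10 nagios-master app: CRITICAL disk latency",
    "Aug 11 06:45:00 nagios-master app: OK",
    "Aug 11 07:01:00 nagios-master app: CRITICAL link down",
    "line without a timestamp mentioning CRITICAL",
]


def hourly_counts(lines, pattern):
    """Count lines matching `pattern`, bucketed as Mon-DD-(HH)."""
    rx = re.compile(pattern)
    counts = Counter()
    for line in lines:
        m = SYSLOG_TS.match(line)
        if m and rx.search(line):
            mon, day, hour = m.groups()
            counts[f"{mon}-{int(day):02d}-({hour})"] += 1
    return counts


def zscores(counts):
    """Population z-score of every bucket's count against all buckets."""
    values = list(counts.values())
    sigma = pstdev(values) if len(values) > 1 else 0.0
    if sigma == 0:
        # One bucket, or all buckets equal: nothing deviates.
        return {k: 0.0 for k in counts}
    mu = mean(values)
    return {k: (v - mu) / sigma for k, v in counts.items()}


def anomalies(counts, threshold=3.0):
    """Buckets whose count deviates from the mean by >= threshold sigmas."""
    return [k for k, z in zscores(counts).items() if abs(z) >= threshold]


def report(counts):
    """Lines in the frq=/zsc=/asc= layout, highest frequency first."""
    z = zscores(counts)
    rows = sorted(counts.items(), key=lambda kv: kv[1], reverse=True)
    return [f"frq={n},zsc={z[k]:.6g},asc=[{k}]" for k, n in rows]


if __name__ == "__main__":
    print(dict(hourly_counts(SAMPLE_LINES, "CRITICAL")))
    print("\n".join(report(PAGE_FRQ)))
    print("anomalous hours:", anomalies(PAGE_FRQ))
```

The 999 count at hour 00 is nearly double the typical value of about 535 yet scores only about 0.90, because the 2551 outlier inflates the standard deviation. The final bucket (frq=23) covers only the first minutes of its hour, since the command ran at 22:03.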

 

 

 

What Exactly is a Log File Monitor?

 

A log file monitor is a utility designed and built specifically to monitor and alert on messages produced by computer systems and the applications that run on them.

In UNIX, the monitoring of log files is absolutely necessary, and for good reason. You see, the time of a Unix Professional is valuable. Few, if any, can afford to spend hours each day scouring through the many log files that are generated by systems and network applications. However, if you fail to quickly recognize the abnormal events chronicled in these log files, entire networks can be abused or removed completely from service, which can cost your company dearly, both monetarily and time-wise.

If you wish to monitor log files, there are basically [ 3 ] options available to you:

  1. You can try writing your own log monitoring script and see how much of your time it consumes

  2. Download any of the FREE log monitoring scripts that are available all over the internet OR

  3. Purchase a professional log monitoring tool that is maintained regularly and is equipped with the capability to handle any log monitoring requirement, no matter how complex

If you embark on a journey to write your own script, you have to understand that it will be an endeavor that will take years to complete, and that's assuming you're a skilled programmer.  Monitoring log files goes far beyond simply watching the contents of files for specific errors.  As time goes on, there will be new requirements, changes, and continuous requests for modifications which in the end, if the developer isn't creative, can lead to an unusable script - one that is not user friendly.

If you choose to download the FREE log monitoring scripts that are available on the internet, you will eventually discover three major things. (1). There is not one script that can handle all your log monitoring needs.  You will have to download, and LEARN to use a variety of different scripts to do what you need.  (2).  After downloading all these scripts, it'll then quickly dawn on you how tedious it is to keep track of them all.  And you'll get frustrated.  (3).  If you're not frustrated, you will be when you find out many of the scripts you downloaded do not scale well and cannot be used across the many different UNIX platforms you have in your environment.  And even if they are, getting these scripts to do what you want them to do without having to read a ton of documentation is next to impossible.  

If downloading scripts off the internet is still an attractive option to you, you must ask yourself some very important questions:

  • Will I be able to easily administer future creation and modification of several log checks (from a central location) using this method?

  • Is this method scalable? 

    • Can I use this one method to easily monitor different logs on several hundred servers, OR

    • Am I going to have to do a lot of painful maintenances, configurations, compilations, installations, tweaking(s) etc?

The answers to these questions are usually quite depressing.  Proceed with caution.

 

Characteristics of the Ideal Log Monitor:

When searching for the right utility to use to monitor & alert on log files, what features should the perfect tool have?

The ideal log monitor must be able to scan and monitor log files in a very short period of time, preferably under 1 to 1.5 seconds (no matter how big the log file is).

At the very least, the perfect log monitor must be able to:

  • Detect abnormal usage patterns in log files (this requires automated mathematical analysis)

  • Recognize system or network abuse (through use of same mathematical analysis mentioned above)

  • Detect vulnerability scans (e.g. port scans) through the use of user-specified patterns and/or analysis

  • Detect intruders or attempted intrusions (through the use of user-specified patterns or analysis)

  • Detect resource shortages (e.g. slow response times, out-of-memory conditions etc)

  • Avoid duplicate alerts - must be intelligent enough to only generate notifications on valid breaches of thresholds

  • Detect imminent application and system failures

  • Scan, monitor & alert on log files of different formats (this is absolutely crucial)

While each feature listed here is important, it is worth noting that it is just as important that the perfect log monitoring utility be easy to use. Users SHOULD NEVER have to spend too much time reading documentation before being able to use a piece of software.  The more complex a utility is, the more likely it is to be used the wrong way or abandoned altogether.  Imagine having to re-read the Instruction Guide of your Television remote control each time you wanted to use it. Can you picture the annoyance of that?

When it comes to log monitoring, ease of use is essential.  I cannot stress this enough. The developer(s) must focus a great deal of effort into drastically limiting or eliminating the need for complex configuration files. Also, the syntax of the tool must be easily comprehensible and applicable directly from the command line. This means, if a random user were to run the tool from the command line, there shouldn’t be room for confusion. That user should be able to conveniently obtain whichever end result he/she was expecting WITHOUT having to read several pages of a complicated instruction manual.

This is where the superiority of logrobot/logXray comes into play.  logXray is a commercial Log Monitoring utility that is very easy to utilize.  It is robust, seasoned and efficiently versatile like no other tool.  It understands the overriding significance of alert notifications and focuses on ensuring only valid alarms are generated for the log files and directories it monitors.  Installation wise, logXray does not require the configuration or compilation of any nonnative modules or libraries.  Which means, you can install it freely on production/dev/qa servers without having to tamper with existing libraries or modules.

logXray has a wide range of capabilities. It isn't limited to only scanning log file contents for errors.  It can do virtually anything related to log monitoring.  Additionally, logrobot has years of real life situations, possibilities and conditions built into it, which basically means it is highly unlikely you will come up with a need that hasn't already been thought of and programmed into the tool.  In the unlikely event that does happen, chances are, work is already in progress to address it.

To efficiently monitor every critical log file in your UNIX environment however you need them monitored, download the latest version of logrobot (logXray) today!


Quick References to some of logXray's most popular Log Monitoring functions

  1. Exclusions - Specify a List of Patterns to Exclude via Filtering

  2. Monitor Log Files for Expected Record of Events - Alert If Not Found!

  3. Detailed Alerting - Show Offending Entries from Monitored Log Files

  4. Less Detailed Alerting - Do NOT show the Offending entries in alerts

  5. Check Dynamic Logs - Take into account Log Rotation and monitor accordingly

  6. Timeframe - Pull information from logs using user specified Time Frame

  7. Apache Log File Analysis (Nagios) - Alert / Report / Graph Apache Access logs

  8. Use one check to monitor multiple strings within a log - Set thresholds per string

  9. Monitor A Directory of Log Files - Avoid specifying each log file separately

  10. Directory File Count Monitoring - Monitor the number of files in a directory

  1. Automatically Generate Graphs for all Log File Monitors Configured via Nagios

  2. Check Log Time Stamps - Set up Monitoring Checks to Alert when logs stop updating

  3. Check Log File Size - Monitor the disk space consumption of specific files

  4. Automated install of Nagios on Red Hat/CentOS/Ubuntu Hosts (avoid manual steps)

  5. Log Analysis - Alert when a deviation is identified in overall behavior of a log file

  6. Automatically Generate Color-Coded Excel Reports on Log Alert History

  7. Custom Monitoring Agent - Monitor logs with our unique Perl monitoring agent

  8. Log Monitoring Options - Use any one of our monitoring features to alert on logs

  9. Log monitoring made tremendously easy - What makes logrobot / logxray unique!

  10. NRPE - Monitor logs using the very common nagios NRPE monitoring agent

Using LoGrobot / logXray from the Command line

 Scan /var/log/messages for 1 day's worth of information.  Show all lines containing: 'nagios-primary abrtd:' (Log Monitoring Scenario 1A):

 

[root@nagios-primary ~]#

[root@nagios-primary ~]#
[root@nagios-primary ~]# logrobot  autofig  /var/log/syslog  24h  '.'  'nagios-primary abrtd:'  1  5  -show


Jun 10 19:45:34 nagios-primary abrtd: Directory 'ccpp-2012-06-10-19:45:34-19662' creation detected
Jun 10 19:45:35 nagios-primary abrtd: Executable '/prod/nagios-core/sbin/status.cgi' doesn't belong to any package
Jun 10 19:45:35 nagios-primary abrtd: Corrupted or bad dump /var/spool/abrt/ccpp-2012-06-10-19:45:34-19662 (res:2), deleting
Jun 12 07:07:03 nagios-primary abrtd: Directory 'ccpp-2012-06-12-07:07:02-30780' creation detected
Jun 12 07:07:03 nagios-primary abrtd: Executable '/prod/nagios-core/sbin/status.cgi' doesn't belong to any package
Jun 12 07:07:03 nagios-primary abrtd: Corrupted or bad dump /var/spool/abrt/ccpp-2012-06-12-07:07:02-30780 (res:2), deleting
Jun 13 13:40:04 nagios-primary abrtd: Directory 'ccpp-2012-06-13-13:40:04-8128' creation detectesd
Jun 13 13:40:04 nagios-primary abrtd: Executable '/prod/nagios-core/sbin/status.cgi' doesn't belong to any package
Jun 13 13:40:04 nagios-primary abrtd: Corrupted or bad dump /var/spool/abrt/ccpp-2012-06-13-13:40:04-8128 (res:2), deleting


2---81900---9---(Jun/7)-(13:27)---(Jun/14)-(13:27:26)---ETWNFILF---(Jun/10)-(03:37:03)---(Jun/14)-(13:27:26)


Intelligent Tailing of Log Files Using Time Frames (simply specify the log file and the time frame) (Log Monitoring Scenario 1B):

 

Instead of tailing random lines of a log file, why not tail the log based on time frames? 

 

For instance, show me all entries that were logged within the last 5 minutes:

 

 

[root@nagios-primary ~]#  ./logxray /var/log/mail.log 5m

Jan 4 13:09:01 nagios-primary CRON[14456]: (root) CMD ( [ -x /usr/lib/php5/maxlifetime ] && [ -x /usr/lib/php5/sessionclean ] && [ -d /var/lib/php5 ] && /usr/lib/php5/sessionclean /var/lib/php5 $(/usr/lib/php5/maxlifetime))
2 nagios-primary postfix/local[25918]: C93C7302554: to=<root@nagios-primary.localdomain>, orig_to=<root>, relay=local, delay=0.02, delays=0.01/0/0/0, dsn=5.2.2, status=bounced (cannot update mailbox /var/mail/root for user root. error writing message: File too large)
Jan 4 13:09:02 nagios-primary postfix/cleanup[26902]: CB748302555: message-id=<20150104210902.CB748302555@nagios-primary.localdomain>
Jan 4 13:09:02 nagios-primary postfix/bounce[25922]: C93C7302554: sender non-delivery notification: CB748302555
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: C93C7302554: removed
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: CB748302555: from=<>, size=3383, nrcpt=1 (queue active)
Jan 4 13:09:02 nagios-primary postfix/local[23072]: CB748302555: to=<root@nagios-primary.localdomain>, relay=local, delay=0.04, delays=0.04/0/0/0.01, dsn=5.2.2, status=bounced (cannot update mailbox /var/mail/root for user root. error writing message: File too large)
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: CB748302555: removed
Jan 4 13:09:02 nagios-primary postfix/pickup[5920]: EC2B5302554: uid=0 from=<root>
Jan 4 13:09:02 nagios-primary postfix/cleanup[863]: EC2B5302554: message-id=<20150104210902.EC2B5302554@nagios-primary.localdomain>
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: EC2B5302554: from=<root@nagios-primary.localdomain>, size=1322, nrcpt=1 (queue active)
Jan 4 13:09:02 nagios-primary postfix/local[25918]: EC2B5302554: to=<root@nagios-primary.localdomain>, orig_to=<root>, relay=local, delay=0.03, delays=0.02/0/0/0.01, dsn=5.2.2, status=bounced (cannot update mailbox /var/mail/root for user root. error writing message: File too large)
Jan 4 13:09:02 nagios-primary postfix/cleanup[26902]: EEBFB302555: message-id=<20150104210902.EEBFB302555@nagios-primary.localdomain>
Jan 4 13:09:02 nagios-primary postfix/bounce[25922]: EC2B5302554: sender non-delivery notification: EEBFB302555
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: EEBFB302555: from=<>, size=3381, nrcpt=1 (queue active)
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: EC2B5302554: removed
Jan 4 13:09:02 nagios-primary postfix/local[10749]: EEBFB302555: to=<root@nagios-primary.localdomain>, relay=local, delay=0.01, delays=0/0/0/0, dsn=5.2.2, status=bounced (cannot update mailbox /var/mail/root for user root. error writing message: File too large)
Jan 4 13:09:02 nagios-primary postfix/qmgr[1995]: EEBFB302555: removed
Jan 4 13:10:01 nagios-primary CRON[16039]: (root) CMD (/home/nagios/DEEP/logxray-surgery localhost /var/tmp/logXray,graphite,127.0.0.1:8125,c autonda /var/log/apache2/graphite-web_access.log 60m '.' '.' 1 2 http_status_codes_c -ndfoundapachen)
Jan 4 13:10:01 nagios-primary CRON[16040]: (root) CMD (/home/nagios/DEEP/logxray-surgery localhost /var/tmp/logXray,graphite,127.0.0.1:8125,c autonda /var/log/apache2/graphite-web_access.log 60m '.' '.' 1 2 http_status_codes_d -ndfoundapachen)
Jan 4 13:10:01 nagios-primary CRON[16041]: (root) CMD (/home/nagios/DEEP/logxray-surgery localhost /var/tmp/logXray,graphite,127.0.0.1:8125 autonda

2---0---20---ATWFILF---(Jan/4)-(13:09)---(Jan/4)-(13:10:03) ZEAGMitU
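
Time-frame tailing as described in this scenario, written as an added example that is not logXray's implementation. The `5m` / `2h` / `1d` window notation follows the commands shown on this page; the function names, the constructed sample lines, the year-inference rule for syslog timestamps (which carry no year) and the rule that a line without a timestamp inherits the previous entry's time are assumptions.

```python
import re
from datetime import datetime, timedelta

MONTHS = {name: i for i, name in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}
STAMP = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2})\s+(\d{2}):(\d{2}):(\d{2})\s")
UNITS = {"m": "minutes", "h": "hours", "d": "days"}

# Constructed sample (not from the page); NOW is fixed so results are stable.
NOW = datetime(2015, 1, 4, 13, 10, 3)
SAMPLE = [
    "Dec 31 23:59:58 nagios-primary CRON[100]: (root) CMD (old entry)",
    "Jan  4 13:04:59 nagios-primary postfix/qmgr[1995]: AAAA: removed",
    "Jan  4 13:09:01 nagios-primary postfix/local[25918]: BBBB: bounced",
    "    continuation of the previous entry, no timestamp of its own",
    "Jan  4 13:10:01 nagios-primary CRON[16039]: (root) CMD (new entry)",
]


def parse_window(spec):
    """Turn '5m', '2h' or '1d' into a timedelta."""
    m = re.fullmatch(r"(\d+)([mhd])", spec)
    if not m:
        raise ValueError(f"bad time frame: {spec!r}")
    return timedelta(**{UNITS[m.group(2)]: int(m.group(1))})


def parse_stamp(line, now):
    """Parse a year-less syslog timestamp, choosing the most recent year
    that does not place the entry in the future (one day of skew allowed)."""
    m = STAMP.match(line)
    if not m or m.group(1) not in MONTHS:
        return None
    mon, day, hh, mm, ss = m.groups()
    for year in (now.year, now.year - 1):
        try:
            ts = datetime(year, MONTHS[mon], int(day),
                          int(hh), int(mm), int(ss))
        except ValueError:
            continue  # e.g. Feb 29 in a non-leap year, or hour 25
        if ts <= now + timedelta(days=1):
            return ts
    return None


def entries_within(lines, spec, now):
    """Return the lines logged inside the trailing window `spec`."""
    cutoff = now - parse_window(spec)
    selected, last_ts = [], None
    for line in lines:
        ts = parse_stamp(line, now)
        if ts is None:
            ts = last_ts      # continuation line: inherit previous time
        else:
            last_ts = ts
        if ts is not None and ts >= cutoff:
            selected.append(line)
    return selected


if __name__ == "__main__":
    for line in entries_within(SAMPLE, "5m", NOW):
        print(line)
```

With the fixed `NOW`, the `5m` window keeps the last three sample lines, and the `Dec 31` entry is dated to 2014 rather than to a future December 2015.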
 


 Show All entries logged in the [ kern.log ] log file within the last 2 HOURS (Log Monitoring Scenario 2A):

 

root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~# logrobot  autofig  /var/log/kern.log  2h  '.'  '.'  1  2  -show

Sep 20 17:55:06 nagios-primary kernel: [87310.160050] usb 5-1: new full-speed USB device number 26 using uhci_hcd
Sep 20 17:55:06 nagios-primary kernel: [87310.388215] hub 5-1:1.0: USB hub found
Sep 20 17:55:06 nagios-primary kernel: [87310.390118] hub 5-1:1.0: 4 ports detected
Sep 20 17:55:06 nagios-primary kernel: [87310.673128] usb 5-1.2: new low-speed USB device number 27 using uhci_hcd
Sep 20 17:55:06 nagios-primary kernel: [87310.831895] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.0/input/input34
Sep 20 17:55:06 nagios-primary kernel: [87310.832071] logitech 0003:046D:C517.001B: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input0
Sep 20 17:55:06 nagios-primary kernel: [87310.863133] logitech 0003:046D:C517.001C: fixing up Logitech keyboard report descriptor
Sep 20 17:55:06 nagios-primary kernel: [87310.865367] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.1/input/input35
Sep 20 17:55:06 nagios-primary kernel: [87310.865633] logitech 0003:046D:C517.001C: input,hiddev0,hidraw3: USB HID v1.10 Mouse [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input1
Sep 20 17:55:08 nagios-primary kernel: [87312.249129] usb 5-1.3: new low-speed USB device number 28 using uhci_hcd
Sep 20 17:55:08 nagios-primary kernel: [87312.436287] input: No brand 4 Port KVMSwicther as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.3/5-1.3:1.0/input/input36
Sep 20 17:55:08 nagios-primary kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
Sep 20 17:55:08 nagios-primary kernel: [87312.442165] usbhid 5-1.3:1.1: couldn't find an input interrupt endpoint

2---3240---13---(Sep/20)-(16:49)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08)
 


 Scan through the above output and show ONLY lines that contain the strings "USB HID" (Log Monitoring Scenario 2B):

 

root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~# logrobot  autofig  /var/log/kern.log  2h  '.'  'USB HID'  1  2  -show
 

Sep 20 17:55:06 nagios-primary kernel: [87310.832071] logitech 0003:046D:C517.001B: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input0
Sep 20 17:55:06 nagios-primary kernel: [87310.865633] logitech 0003:046D:C517.001C: input,hiddev0,hidraw3: USB HID v1.10 Mouse [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input1
Sep 20 17:55:08 nagios-primary kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0

2---3420---3---(Sep/20)-(16:52)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08)
 


 Show once again All entries recorded in the [ kern.log ] log file within the last 2 HOURS (Log Monitoring Scenario 3A):

 

 

root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~# logrobot  autofig  /var/log/kern.log  2h  '.'  '.'  1  2  -show

Sep 20 17:55:06 nagios-primary kernel: [87310.160050] usb 5-1: new full-speed USB device number 26 using uhci_hcd
Sep 20 17:55:06 nagios-primary kernel: [87310.388215] hub 5-1:1.0: USB hub found
Sep 20 17:55:06 nagios-primary kernel: [87310.390118] hub 5-1:1.0: 4 ports detected
Sep 20 17:55:06 nagios-primary kernel: [87310.673128] usb 5-1.2: new low-speed USB device number 27 using uhci_hcd
Sep 20 17:55:06 nagios-primary kernel: [87310.831895] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.0/input/input34
Sep 20 17:55:06 nagios-primary kernel: [87310.832071] logitech 0003:046D:C517.001B: input,hidraw0: USB HID v1.10 Keyboard [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input0
Sep 20 17:55:06 nagios-primary kernel: [87310.863133] logitech 0003:046D:C517.001C: fixing up Logitech keyboard report descriptor
Sep 20 17:55:06 nagios-primary kernel: [87310.865367] input: Logitech USB Receiver as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.2/5-1.2:1.1/input/input35
Sep 20 17:55:06 nagios-primary kernel: [87310.865633] logitech 0003:046D:C517.001C: input,hiddev0,hidraw3: USB HID v1.10 Mouse [Logitech USB Receiver] on usb-0000:00:1d.0-1.2/input1
Sep 20 17:55:08 nagios-primary kernel: [87312.249129] usb 5-1.3: new low-speed USB device number 28 using uhci_hcd
Sep 20 17:55:08 nagios-primary kernel: [87312.436287] input: No brand 4 Port KVMSwicther as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.3/5-1.3:1.0/input/input36
Sep 20 17:55:08 nagios-primary kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
Sep 20 17:55:08 nagios-primary kernel: [87312.442165] usbhid 5-1.3:1.1: couldn't find an input interrupt endpoint

2---3960---13---(Sep/20)-(17:01)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08)

 

 


 From the above output, exclude all lines that contain 'Logitech' and show me what is left (Log Monitoring Scenario 3B):

 

 

root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~#
root@nagios-primary:~# logrobot autofig /var/log/kern.log 2h '.' 'Logitech' 1 2 -showexcl

Sep 20 17:55:06 nagios-primary kernel: [87310.160050] usb 5-1: new full-speed USB device number 26 using uhci_hcd
Sep 20 17:55:06 nagios-primary kernel: [87310.388215] hub 5-1:1.0: USB hub found
Sep 20 17:55:06 nagios-primary kernel: [87310.390118] hub 5-1:1.0: 4 ports detected
Sep 20 17:55:06 nagios-primary kernel: [87310.673128] usb 5-1.2: new low-speed USB device number 27 using uhci_hcd
Sep 20 17:55:08 nagios-primary kernel: [87312.249129] usb 5-1.3: new low-speed USB device number 28 using uhci_hcd
Sep 20 17:55:08 nagios-primary kernel: [87312.436287] input: No brand 4 Port KVMSwicther as /devices/pci0000:00/0000:00:1d.0/usb5/5-1/5-1.3/5-1.3:1.0/input/input36
Sep 20 17:55:08 nagios-primary kernel: [87312.436429] generic-usb 0003:10D5:55A4.001D: input,hidraw4: USB HID v1.10 Keyboard [No brand 4 Port KVMSwicther] on usb-0000:00:1d.0-1.3/input0
Sep 20 17:55:08 nagios-primary kernel: [87312.442165] usbhid 5-1.3:1.1: couldn't find an input interrupt endpoint

2---4320---(8)-(13)-(61.5385%)-(8)-(0)-(frq=8,zsc=0,asc=[Sep-20-(17:55)])---(Sep/20)-(17:07)---(Sep/20)-(17:55:08)---ETWNFILF---(Sep/20)-(17:55)---(Sep/20)-(17:55:08)
 

 


 Alert if a specific string is found in a log file. In the alert, show the offending / matching log entries (Log Monitoring Scenario 4):

 

Command:

nagios@logrobot-04:/var/log$  ./logxray  localhost logrobot autonda /var/log/syslog 60m 'kernel|panic' '.' 3 5 syslog_check -ndshow

 

Explanation:

  1. The log file to monitor is /var/log/syslog file

  2. Monitor this log for any line containing "kernel" or "panic".

    1. Indicated with the 'kernel|panic'  and  '.'

  3. If the number of lines found is less than 3, exit with an OK

  4. If the number of lines found is greater than or equal to 3, and less than 5, exit with a WARNING

  5. If the number of lines found is greater than or equal to 5, exit with a CRITICAL

  6. The name of this log check is syslog_check

  7. Whenever lines are found in the log containing the specified strings, we want to see those lines.

    1. Indicated with the -ndshow

  8. While trying to scan this log file, if it is detected that the timestamp of the log itself is older than 60 minutes, abort!


 Monitor log for specific entries, exclude lines containing certain strings, then alert on what's left (Log Monitoring Scenario 5):

 

Command:

nagios@logrobot-04:/var/log$ ./logxray localhost logrobot autonda /var/log/syslog 60m 'kernel|panic' 'abrt' 3 5 syslog_check -ndshowexcl

 

Explanation:

  1. Monitor the /var/log/syslog file

  2. Scan the log for any line containing "kernel" or "panic". Ignore lines containing 'abrt', if found on the same line

  3. If the number of lines found is less than 3, exit with an OK

  4. If the number of lines found is greater than or equal to 3, and less than 5, exit with a WARNING

  5. If the number of lines found is greater than or equal to 5, exit with a CRITICAL

  6. The name of this log check is syslog_check

  7. From the list of lines found containing 'kernel' or 'panic', exclude/ignore lines that have the string 'abrt' in them

    1. Indicated with the -ndshowexcl

  8. While trying to scan this log file, if it is detected that the timestamp of the log itself is older than 60 minutes, abort immediately


 Search through the [ syslog ] file. Find out which HOUR within the last 8 hours had the most entries logged (Log Monitoring Scenario 6):

 

nagios@logrobot-04:/var/log$
nagios@logrobot-04:/var/log$
nagios@logrobot-04:/var/log$
nagios@logrobot-04:/var/log$ logrobot autofig /var/log/syslog 8h '.' '.' 1 2 -exceldh
 

frq=553,zsc=1.52781,asc=[Oct-17-(10)]
frq=531,zsc=1.29027,asc=[Oct-17-(11)]
frq=456,zsc=0.480479,asc=[Oct-17-(12)]
frq=384,zsc=-0.296925,asc=[Oct-17-(09)]
frq=383,zsc=-0.307722,asc=[Oct-17-(07)]
frq=376,zsc=-0.383303,asc=[Oct-17-(06)]
frq=362,zsc=-0.534465,asc=[Oct-17-(08)]
frq=247,zsc=-1.77615,asc=[Oct-17-(05)]
 

 


Search the [ syslog ] file once again.  This time, find which MINUTE(S) within the last 1 Hour had the most entries logged (Log Monitoring Scenario 7):

 

 

nagios@logrobot-04:/var/log$
nagios@logrobot-04:/var/log$
nagios@logrobot-04:/var/log$
nagios@logrobot-04:/var/log$ logrobot autofig /var/log/syslog 1h '.' '.' 1 2 -exceldm
 

frq=19,zsc=3.01441,asc=[Oct-17-(12:20)]
frq=17,zsc=2.4241,asc=[Oct-17-(12:19)]
frq=15,zsc=1.8338,asc=[Oct-17-(12:56)]
frq=15,zsc=1.8338,asc=[Oct-17-(12:23)]
frq=15,zsc=1.8338,asc=[Oct-17-(12:18)]
frq=14,zsc=1.53865,asc=[Oct-17-(12:55)]
frq=14,zsc=1.53865,asc=[Oct-17-(12:05)]
frq=13,zsc=1.2435,asc=[Oct-17-(12:50)]
frq=13,zsc=1.2435,asc=[Oct-17-(12:24)]
frq=12,zsc=0.948352,asc=[Oct-17-(12:57)]
frq=12,zsc=0.948352,asc=[Oct-17-(12:25)]
frq=12,zsc=0.948352,asc=[Oct-17-(12:15)]
frq=11,zsc=0.653201,asc=[Oct-17-(12:54)]
frq=11,zsc=0.653201,asc=[Oct-17-(12:45)]
truncated...
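
The `frq`/`zsc` columns in Scenarios 6 and 7 can be reproduced with a per-bucket count and a population z-score; the page does not say how `zsc` is computed, so that reading is inferred from the hourly figures above, which it matches to within rounding. This is an added Python example, not logrobot's code; `bucket_counts`, `zscores`, `spikes`, `format_row` and the sample lines are constructed for illustration.

```python
import math
import re
from collections import Counter

# Leading syslog timestamp, e.g. "Oct 17 10:02:11 host ...".
TS = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2})\s+(\d{2}):(\d{2}):\d{2}\s")


def bucket_counts(lines, per="hour"):
    """Count log lines per hour or per minute, keyed like 'Oct-17-(10)'."""
    counts = Counter()
    for line in lines:
        m = TS.match(line)
        if m is None:
            continue  # undated or continuation line: not counted
        mon, day, hh, mm = m.groups()
        slot = hh if per == "hour" else f"{hh}:{mm}"
        counts[f"{mon}-{day}-({slot})"] += 1
    return counts


def zscores(counts):
    """Return (bucket, frq, zsc) rows, busiest bucket first.

    zsc = (frq - mean) / sd, with sd the population standard deviation.
    A single bucket, or identical counts, gives sd == 0 and zsc == 0.
    """
    if not counts:
        return []
    n = len(counts)
    mean = sum(counts.values()) / n
    sd = math.sqrt(sum((c - mean) ** 2 for c in counts.values()) / n)
    rows = [(b, c, 0.0 if sd == 0 else (c - mean) / sd) for b, c in counts.items()]
    return sorted(rows, key=lambda r: r[1], reverse=True)


def spikes(rows, threshold=2.0):
    """Buckets whose volume is at least `threshold` deviations above the mean."""
    return [b for b, _, z in rows if z >= threshold]


def format_row(bucket, frq, zsc):
    """Render one row in the frq=...,zsc=...,asc=[...] layout shown above."""
    return f"frq={frq},zsc={zsc:.6g},asc=[{bucket}]"


# The frq values printed in the Scenario 6 output above.
PAGE_HOURLY = {
    "Oct-17-(10)": 553, "Oct-17-(11)": 531, "Oct-17-(12)": 456,
    "Oct-17-(09)": 384, "Oct-17-(07)": 383, "Oct-17-(06)": 376,
    "Oct-17-(08)": 362, "Oct-17-(05)": 247,
}

# Constructed sample (not from the page): two lines a minute, burst at 12:20.
SAMPLE = [
    f"Oct 17 12:{minute:02d}:{sec:02d} host sshd[52]: Failed password for invalid user admin"
    for minute in range(15, 23)
    for sec in range(12 if minute == 20 else 2)
]

if __name__ == "__main__":
    for row in zscores(PAGE_HOURLY):
        print(format_row(*row))
    print("spikes:", spikes(zscores(bucket_counts(SAMPLE, per="minute"))))
```

With n buckets a z-score can never exceed sqrt(n - 1), so a fixed threshold of 2 only becomes reachable once the window holds at least six buckets.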

 

 


Advanced Tailing - Scan the Content of Log Files Via Time Frames (autofig) - More Examples!

 

 

General logrobot Syntax:

 

USAGE:   ./logxray  localhost  /var/tmp/logXray  autofig   (logfile)   (time-in-minutes)   '(string1)'   '(string2)'   (warn)   (critical)   (-foundn)
 

 

Basic Usage: 

[root@monitor jbowman]#
[root@monitor jbowman]#
[root@monitor jbowman]#  ./logxray  localhost  /var/tmp/logXray autofig  /var/log/messages  1440  'ntpd'  'stratum'  5  10  -foundn

2---240---108---ATWFILF---(Apr/13)-(03:35)---(Apr/14)-(03:35:23)

[root@monitor jbowman]#
[root@monitor jbowman]#
 

 

So now let's break this down:

  • logrobot is the tool name.

  • localhost = a parameter that must be set if running from the command line

  • /var/tmp/logXray = a parameter that must be specified if running from the command line

  • autofig is an option that is passed to the logrobot tool to tell it what to do.  In this particular case, autofig is instructing logrobot to "automatically figure out" what type of log file /var/log/messages is, and if the format of the log file is supported, perform the remaining functions.  If the log type is not supported, use "autonda".  "autonda" is a much more advanced version of "autofig", equipped with the capability to monitor any log file, regardless of format.

  • /var/log/messages is of course the log file.

  • 1440 is the number of previous minutes you want to search the log file for. 1440 = last 24 hours.

  • "ntpd" is one of the strings that is in the lines of logs that you're interested in.

  • "stratum" is another string on the same line that you expect to find the "ntpd" string on. Specifying these two strings isolates and processes the lines you want a lot quicker, particularly if you're dealing with a huge log file.

  • 5 specifies Warning. By specifying 5, you're telling the program to alert as WARNING if there are at least 5 occurrences of the search strings you specified, in the log file within the last 60 minutes.

  • 10 specifies Critical. By specifying 10, you're telling the program to alert as CRITICAL if there are at least 10 occurrences of the search strings you specified, in the log file within the last 60 minutes.

  • -foundn specifies what type of response you'll get. By specifying -foundn, you're saying if anything is found that matches the specified strings within the 60 minute time frame, then that should be regarded as a problem and reported.

Summarized Explanation:

As you can see, the logrobot tool is monitoring a log file. The arguments that are passed to the tool instruct it to do the following:

Within the last 60 minutes, if the tool finds less than 5 occurrences of the specified strings in the log file, DO NOT alert. If the tool finds between 5 to 9 occurrences of the specified strings in the log, it'll alert with a WARNING. If the tool discovers 10 or more instances of the strings in the log within the last 60 minutes, it'll alert with a CRITICAL.

Now, let us look at the result of the command:

2---240---108---ATWFILF---(Apr/13)-(03:35)---(Apr/14)-(03:35:23)

There are 6 columns which are separated by 3 hyphens (---).  The first column shows the exit code of the command you just ran.  0 means all is well. 1 means WARNING, which means, logrobot discovered conditions that fell under the WARNING specification you provided.  2 means CRITICAL, which means, the worst case scenario has been reached.

In this particular example, here's what the output is telling us: 

You requested to have the /var/log/messages file scanned as far back as 24 hours ago (1440 minutes).

The timeframe that was scanned was from [ April 13, 03:35 ] to [ April 14, 03:35 ].  After scanning through the records that were written to the log in that time frame, logrobot found 108 lines that contained both strings of "ntpd" and "stratum 2".  Also, as an FYI, the last date and time those specific strings were found in the log file was 240 seconds ago.

 

Common Log Monitoring Scenarios

 

  Monitor Specific Log Files in A Specific Directory for New Occurrences of Specific Strings 

Case Scenario:

Monitor all log files in the /var/log directory that have the word 'messages' in their names.  Check each log found matching this criteria for new entries containing the string 'ERROR'. 

If the number of entries found in any 'messages' file in the directory is less than 5, exit with an OK status.  If above 5 but less than 10, alert as Warning.  If above or equal to 10, alert as Critical.

Command:

[root@monitor jbowman]#   ./logxray  localhost  /var/tmp/logXray  autoblz  /var/log,include:messages  30m  'ERROR'  '.'  5  10  log_mon_3  -ndfoundn

 


 


Monitor log files for user-specified entries, then EXCLUDE specific lines from the results  

Case Scenario:

Within the last 30 minutes, find out how many lines in the log file [ /var/log/app.log ] contained both entries of "ERROR" and "Client". If any lines are found containing these two strings (ERROR.*Client), take note of that.

From the list of lines found, see if there are any lines that also contain the keywords "error 404" OR "updateNumber".  If there are, remove them from the list.  After removing them, show me what is left.  If the number of lines left is between 5 and 9, alert as WARNING.  If equal to or over 10, alert as CRITICAL.  If below 5, do not alert!

Command:

[root@monitor jbowman]#  ./logxray  localhost  /var/tmp/logXray  autonda  /var/log/app.log  30  'ERROR.*Client'  '(error 404|updateNumber)'  5  10  applog_tag  -ndshowexcl

 



  Monitor log files for certain entries - ALERT IF those entries are NOT found!  

Case Scenario:

For instance, within the last 30 minutes, if logrobot does not find at least 2 lines containing the words "Success" and "Client"  and "returned 200" OR "update:OK" in the log file, it must alert.  So in other words, the lines to search for MUST contain both words of Success & Client (Success.*Client) AND one or both of the strings returned 200 and update:OK.

Command:

[root@monitor jbowman]#  ./logxray  localhost  /var/tmp/logXray  /var/log/app.log  30  'SUCCESS.*Client'  '(returned 200|update:OK)'  2  2  expected_entry_tag  -ndnotfoundn

 



Monitor Log files for specific entries - When found, display all offending lines in alert  

 

This is particularly helpful in cases where you might want to see the actual lines that contain the patterns you instructed the tool to search for.

 

 Example:

[root@monitor jbowman]#  ./logxray  localhost  /var/tmp/logXray  autonda  /var/log/app.log  30  'ERROR.*Client'  '(returned 200|update:OK)'  5 10  error_exceptions  -ndshow

 


  Scan log files for minutes, hours, days, weeks or months worth of data  

 

For instance, to pull out 2 weeks of information from within a large log file and to find out how many lines contain certain strings and patterns, you can run a command similar to this:

 

Example:

[root@monitor jbowman]#  ./logxray  localhost  /var/tmp/logXray  autofig  /var/log/app.log  2w  'ERROR|error|panic|fail'  'ERROR|error|panic|fail'  5  10  -foundn

 

Notice the [ 2w ].  Also notice the strings being searched for.  I repeated the strings 'ERROR|error|panic|fail' twice because there is no need to specify different search terms to look for.  You don't have to repeat the first string.  You can just enter a dot in its place for the second string, i.e.:

 

[root@monitor jbowman]#  ./logxray  localhost  /var/tmp/logXray  autofig  /var/log/app.log  2w  'ERROR|error|panic|fail'  '.'  5  10  -foundn

 

From this specific example, I'm telling logrobot that I care about EVERY single line that contains any of the keywords I provided.  The [ 2w ] of course means 2 weeks. 

 

 See below for the different ways of specifying the date range:

5m = 5 minutes (changeable to any number of minutes)

10h = 10 hours (changeable to any number of hours)

2d = 2 days (changeable to any number of days)

2w = 2 weeks (changeable to any number of weeks)

3mo = 3 months (changeable to any number of months)

 



Monitor log file for specific patterns, use user-specified strings to filter out lines to alert on:  

 

 

Command:

 

[root@monitor jbowman]#  ./logxray localhost /var/tmp/logXray autonda /var/log/syslog 60m 'kernel|panic' 'abrt'  3 5 syslog_check -ndshow

 

Explanation:

  1. Monitor the /var/log/syslog file

  2. Scan the log for any line containing "kernel" or "panic".

  3. When the above lines are found, from those lines select only the lines that also contain the pattern/keyword "abrt"

    • Ignore all lines which do not have 'abrt' on them

  4. If the number of lines found is less than 3, exit with an OK

  5. If the number of lines found is greater than or equal to 3, and less than 5, exit with a WARNING

  6. If the number of lines found is greater than or equal to 5, exit with a CRITICAL

  7. The name of this log check is syslog_check

  8. From the list of lines found containing 'kernel' or 'panic', show only the lines that also have the string 'abrt' in them

    1. Indicated with the -ndshow

  9. While trying to scan this log file, if it is detected that the timestamp of the log itself is older than 60 minutes, abort immediately

 

 



Reason for Specifying Exclusions in LogChecks

Suppose you inherit a UNIX environment at a new job and you're unfamiliar with what to look for within the logs of a particular application.  Here's an idea: instead of worrying about what to watch for, why not force the logs to reveal their hidden contents?

 

In the example below, logrobot is instructed to search the entire messages file (denoted with the '.').  Then, it is to ignore every line that contains any one of these specific strings: 'nagios-primary nagios' OR 'not responding' OR 'synchronized to'.  Whichever lines are left after these THREE patterns are ignored should be alerted on.

 

The logic here is: if you can identify which entries in the logs are of NO importance to you, you can exclude them from being monitored.  Therefore, if a log file is stripped of the familiar and unwanted, whatever is left will be unfamiliar, thus requiring investigation.
 

[root@nagios-primary ~]# logrobot autofig /var/log/messages 24h '.' 'nagios-primary nagios|not responding|synchronized to' 1 5 -showexcl

 

Jun 13 13:40:04 nagios-primary abrt[8269]: saved core dump of pid 8128 (/prod/nagios-core/sbin/status.cgi)
Jun 13 13:40:04 nagios-primary abrtd: Directory 'ccpp-2012-06-13-13:40:04-8128' creation detected
Jun 13 13:40:04 nagios-primary abrtd: Executable '/prod/nagios-core/sbin/status.cgi' doesn't belong to any
Jun 13 13:40:04 nagios-primary abrtd: Corrupted or bad dump /var/spool/abrt/ccpp-2012-06-13-13:40:04
Jun 14 02:20:41 nagios-primary auditd[5813]: Audit daemon rotating log files
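
The two-string filter and the OK / WARNING / CRITICAL thresholds described in Scenarios 4 and 5, and the exclusion approach of this section, sketched as an added Python example (not logrobot's code). It assumes case-sensitive regex matching and syslog-style timestamps; `scan`, `parse_ts`, `NOISE` and the sample lines are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

OK, WARNING, CRITICAL = 0, 1, 2  # Nagios plugin exit codes

# Leading syslog timestamp, e.g. "Jun 13 13:40:04 host ...".
TS = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2})\s+(\d{2}:\d{2}:\d{2})\s")


def parse_ts(line, now):
    """Parse the syslog timestamp. It carries no year, so try this year, then last."""
    m = TS.match(line)
    if m is None:
        return None
    for year in (now.year, now.year - 1):
        try:
            ts = datetime.strptime(f"{year} {m[1]} {m[2]} {m[3]}", "%Y %b %d %H:%M:%S")
        except ValueError:  # e.g. Feb 29 in a non-leap year
            continue
        if ts <= now + timedelta(minutes=5):  # tolerate small clock skew
            return ts  # a December line read in January lands in last year
    return None


def scan(lines, now, window, string1, string2=".", mode="show", warn=1, crit=2):
    """Return (status, matching_lines) for entries newer than now - window.

    mode="show":     keep lines matching string1 AND string2
    mode="showexcl": keep lines matching string1 but NOT string2
    """
    if mode not in ("show", "showexcl"):
        raise ValueError(f"unknown mode: {mode}")
    p1, p2 = re.compile(string1), re.compile(string2)
    hits = []
    for line in lines:
        ts = parse_ts(line, now)
        if ts is None or ts < now - window:
            continue  # undated, or older than the requested time frame
        if not p1.search(line):
            continue
        if bool(p2.search(line)) == (mode == "show"):
            hits.append(line)
    n = len(hits)
    status = CRITICAL if n >= crit else WARNING if n >= warn else OK
    return status, hits


# Patterns declared uninteresting, as in the exclusion command above.
NOISE = "nagios-primary nagios|not responding|synchronized to"

# Constructed sample lines in the style of the output above (not real log data).
SAMPLE = [
    "Jun 12 01:00:00 nagios-primary sshd[999]: entry older than the window",
    "Jun 13 13:35:00 nagios-primary nagios: SERVICE ALERT: web01;HTTP;OK;HARD;1;HTTP OK",
    "Jun 13 13:36:12 nagios-primary kernel: nfs: server filer01 not responding, still trying",
    "Jun 13 13:37:40 nagios-primary ntpd[2211]: synchronized to 10.0.0.1, stratum 2",
    "Jun 13 13:40:04 nagios-primary abrt[8269]: saved core dump of pid 8128",
    "Jun 13 13:40:04 nagios-primary abrtd: Directory 'ccpp-2012-06-13' creation detected",
    "Jun 13 13:41:00 nagios-primary kernel: status.cgi[8128]: segfault at 0, core handed to abrt",
    "Jun 14 02:20:41 nagios-primary auditd[5813]: Audit daemon rotating log files",
]
NOW = datetime(2012, 6, 14, 3, 0, 0)  # constructed "current time" for the sample

if __name__ == "__main__":
    status, left = scan(SAMPLE, NOW, timedelta(hours=24), ".", NOISE,
                        mode="showexcl", warn=1, crit=5)
    print("exit code:", status)
    print("\n".join(left))
```

The exclusion list is itself a detection control: any pattern added to it silences every future line that matches, so it is worth keeping under review and version control.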


 

Monitor Log Files via Crontab & Receive Email Notifications

 

To set up log file monitoring checks via CRONTAB and Receive Email Notifications on those Checks, see below:
 

 

root@nagios-primary ~# ./nlm localhost:email logrobot autonda /var/log/messages 1h 'kernel' 'timed out' 1 2 -show  Kernel_Timeouts  Support@Logrobot.com

 

  • The name given to this particular log check is "Kernel_Timeouts".  The subject of the email alerts you receive will be similar to any of these:

  • CRITICAL:  [ Kernel_Timeouts ] localhost Log Scan [ ISSUES ].

  • WARNING:  [ Kernel_Timeouts ] localhost Log Scan [ ISSUES ].

  • OK:  [ Kernel_Timeouts ] localhost Log Scan [ RECOVERY ].

 

 

 

 

Monitor the [ /var/log ] Directory

  • Watch for files that were recently updated within [ 5 ] hours

  • If/When those files are found, scan them, watch for entries containing [ "ERROR" ]

  • If less than [ 15 ] entries are found containing [ "ERROR" ], do not alert - this is not an issue

  • If more than or equal to [ 15 ] entries are found, but less than [ 20 ], alert as WARNING

  • If more than or equal to [ 20 ] entries are found, alert as CRITICAL

  • If the above threshold is breached, send an email alert to the address [ logrobotTool@Gmail.com ]

  • In the alert show only the file(s) found in the [ /var/log ] directory that contained the [ "ERROR" ] string

 

Log Monitoring Example:

 

root@nagios-primary ~# ./nlm  monitor-01.net:email  logrobot  autoblz  /var/log  5h  'ERROR'  '.'  15  20  grahite_access_dirk14  -ndshow  logrobotTool@Gmail.com

 

Email Screen Shots of Log Monitoring Checks: [images not available]

Configuring logrobot with Nagios / Icinga / Shinken (if you have any of them)


Your [ commands.cfg file ] will contain:

define command {
                            command_name         NLM
                            command_line            $USER1$/nlm $ARG1$ $HOSTNAME$ $ARG2$ $ARG3$ $ARG4$ "$ARG5$" "$ARG6$" $ARG7$ $ARG8$ $ARG9$ $ARG10$ $ARG11$ $ARG12$
}


OR


define command {
                            command_name         NLM
                            command_line            $USER1$/nlm $ARG1$ $HOSTADDRESS$ $ARG2$ $ARG3$ $ARG4$ "$ARG5$" "$ARG6$" $ARG7$ $ARG8$ $ARG9$ $ARG10$ $ARG11$ $ARG12$
}
 

Your [ services.cfg file ] will look similar to:

define service {
                      check_command                         NLM!logrobot!autonda!/var/log/proteus.log!15m!500.html!500 Internal Server Error!1!2!500_Errors!-ndshow
                      max_check_attempts                  1
                      service_description                     500_ERRORS_LOGCHECK
                      host_name                                 logrobot-01.net,logrobot-02.net,logrobot-03.net
                      use                                           fifteen-minute-interval
 }
 



After the above configuration is completed, follow the instructions below (or just type 'kinglazy' at the command line):

  1. Copy (scp) the logrobot package file to each one of the remote hosts (in the above example, I would have to copy it to each one of the hosts specified for "host_name")

    1. If you have several hosts on which logs need to be monitored, don't panic.  Simply bring up the "kinglazy" interface, and pick option 6

      1. Option 6 will ask you to provide the list of hosts, and from there, it will automatically copy logrobot to each host and install it for you!

  2. When the logrobot package file has been copied over to the remote hosts, unzip it, then run the install script on each of the hosts:

  •  unzip logrobot.zip  ; cd logrobot

  •  [  ./InstallAgent.sh     /apps/magent     5666     10.20.30.40  ]   --- Change the port to an open TCP port, change the IP to match the IP of the Master server.

  3. On the master server, (the server on which Nagios is installed, and from which you plan on monitoring all your log files), run this:

  •  unzip logrobot.zip  ; cd logrobot

  •  [  ./InstallAgent.sh     /apps/magent     5666     10.20.30.40  ]   --- Change the port to an open TCP port, change IP to match the IP of the Master server.

 

To test and make sure everything works as it should, on the Master server, run the following command (change the parameters as needed):

  •  ./nlm  logxray  logrobot-01.net  /var/tmp/logXray  autonda  /var/log/proteus.log  15m  '500.html'  '500 Internal Server Error'  2  3  proteuslog   -ndshow

 

What's going on with the above command?

We're basically telling Nagios to:

  • monitor the log file named /var/log/proteus.log on the remote host logrobot-01.net

  • scan the last 15 minutes of information of the log file - in other words, pull out 15 minutes worth of information/lines

  • from the 15 minutes worth of information, alert as Warning if at least 2 lines (but less than 3 lines) are found that contain '500.html' and '500 Internal Server Error'.

  • from the last 15 minutes of information, alert as Critical ONLY if 3 or more lines are found that contain '500.html' and '500 Internal Server Error'.

  • alert as OK if less than 2 lines are found in the log file matching the specified strings / patterns

  • if an error is found in the log, keep alerting until a time period of at least 15 minutes has passed WITHOUT any new problem lines added to the log

  • the "-ndshow" will show you the actual lines from the log that triggered the alert.

  • the "autonda" is a feature which allows logrobot to monitor any log file given to it, regardless of log file type, format, or size

 


 

Frequently Asked Questions

 

  1. What exactly can I do with the LoGrobot log monitoring system?

  2. Is it safe and easy to install the LoGrobot log monitoring system?

  3. How many lines of Code is LoGrobot made of?

  4. How Big is the LoGrobot Log Monitoring tool?

  5. Does LoGrobot run locally on each host?

  6. Is LoGrobot completely separate from the front end?

  7. How long does it take for LoGrobot to execute on a host?

  8. With what frequency does it run?

  9. What happens if the log file is several GIGABYTES in size?

  10. What do I do if search strings won't fit on the command line?

  11. Can the LoGrobot log monitoring system handle log rotation?

  12. Is it easy to setup log monitoring checks for log files using LoGrobot?

  13. Can LoGrobot monitor log files that do not have dates?

  14. After downloading LoGrobot will you help me if I need any help?

  15. Do I have to use LoGrobot with any specific monitoring application?

  16. Can you provide help with the automated install of Nagios or Cacti?

  17. What exactly is the NagiosLogMonitor?

  18. How much is the LoGrobot log monitoring plugin / monitoring system?

  19. Are there any situations LoGrobot will not be able to handle?

  20. Is there a Money Back Guarantee?

  21. Can I submit requests for custom / personalized Log Monitoring features?

  22. What must I do to monitor log files on ALL my UNIX servers?

  23. Can I generate Reports on the history of log monitoring alerts received?

  24. Can I scan for multiple strings / patterns in a log file at the same time?

  25. Is Nagios and/or Cacti free to use?

  26. What makes LoGrobot Superior to other Log Monitoring tools?

  27. What is logXray?

  28. How fast is logXray?

  29. What options do I have to purchase LoGrobot / logXray?

  30. Additional Benefits

  31. Can I View logs of a remote host without having to log in to the host?

  32. Will my log file type be supported?



 

What exactly can I do with LoGrobot?

If you can think up a log monitoring necessity, LoGrobot / logXray  can accommodate it.  Visit the following link for a full list of features available:

http://www.logrobot.com/log-file-monitoring-features-options.htm

The massive log monitoring capabilities of logXray include, but surely aren't limited to:

  1. Monitoring & Alerting on the contents of system log files (errors, strings, keywords, patterns etc)

  2. Monitoring & Alerting on custom Application log files (mysql, oracle, apache/http and much more)

  3. Alerting if certain keywords / patterns ARE NOT found inside a specific log within a specific timeframe

  4. Monitoring & Alerting on the timestamps of log files (verify files are being updated regularly)

  5. Monitoring several log files at the same time - (very useful if you have multiple logs to scan)

  6. The capability to monitor both live and rotated logs to ensure nothing is missed

  7. Graphing the frequency with which user-specified patterns occur in log files

    1. Or graph for anomalies

  8. Monitoring & Alerting on the size of log files (ensure logs do not consume too much disk space)

  9. Monitor log files no matter how big they are (even logs that are GIGABYTES in size)

  10. Conditional Monitoring, i.e.:

    1. Alert if a certain column of a newly added log entry has a value greater than or less than x

  11. View logs on all your servers from one Web Interface (avoid having to ssh to each host)

  12. Analysis - Easily identify which minute or hour of the day had the most entries recorded

 

 

Please note there are many additional features that haven't been listed on this page.  This is done on purpose.   If you have a particular requirement (which isn't listed), please contact our support team.  We are happy to provide details on what else LOGROBOT can do for you.  Chances are, 99% of the time, your requirement has been thought of by previous customers and provisions for it have already been built into the tool.

 



 

Is it Safe and easy to install LoGrobot / logXray?

Yes.

With logrobot, there's very little you have to do.  We are very proud to announce that, unlike other tools that consider themselves "log monitoring", LoGrobot does not require users to install packages, libraries or modules that are unnatural to the UNIX system in order to get it to work.  It just works!

Just drop it in the same directory as the rest of your plugins.  If using Nagios, define nagios configurations for it (in commands.cfg, services.cfg), set it up to begin monitoring your log of choice, and that's really all there is to it. 

When Nagios or Crontab goes to run your log checks, logXray will automatically configure itself in the default directory you specified and will from that point on begin to monitor any log file (or directory) you tell it to watch. 



 

How many lines of Code is LoGrobot composed of?

LoGrobot is made up of about 200,000+ lines of code.  Does it affect the efficiency with which it completes checks?  Absolutely not! logXray completes scanning of logs quickly (under 1 second).



 

How Big is the LoGrobot tool?

The current size of the premium version of the logrobot tool (logXray) is a little over 12MB. 

Does LoGrobot run locally on each host on which logs are being checked?

Yes, it runs locally on each host but can be easily controlled entirely from the monitoring master server.

If using LoGrobot to monitor your logs, simply place the tool on the host(s) on which you have log files to monitor.  You can send instructions to the tool from the Master server without having to log into the host on which the tool lives.

Is LoGrobot completely separate from the management front end (but can be controlled by it)?

Yes.  Originally, the LoGrobot log monitoring utility was built to work with Nagios. However, over the years, and due to varying customer needs, we have added a huge variety of different functionalities that allow it to fully function without Nagios. 

If you need LoGrobot to operate in a very specific fashion, do not hesitate to contact us.

How long does it take for LoGrobot to execute a log file check on a host? With what frequency does it run?

0.2 - 1.5 seconds.  It can be scheduled to run at any interval.

           

 

Can LoGrobot monitor log files that are over 1 GIGABYTE in size?

Yes. The size of a log file doesn't matter.  LoGrobot scans most log files from the previous point it left off.  If the log file is rotated, it will scan the unread entries from the rotated log, then continue scanning the new live log, thereby ensuring entries aren't missed.

Can I use LoGrobot to monitor a huge list of strings which won't fit on the command line?

Yes. If your list of strings is too long or too many to fit nicely on the command line, you can instruct LoGrobot to use configuration files instead.  All you need to put in the config file(s) is the list of patterns (one per line) you want to monitor.  Nothing more.

Can LoGrobot handle log rotation?

Yes. LoGrobot automatically watches for signs of log rotation and when detected, it proceeds to scan the unread entries from the recently rotated log, in addition to monitoring the fresh live log.
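
The behaviour described in the two answers above (resume from the point of the previous check, and finish the rotated file before reading the new live log) can be sketched as follows. This is an added example, not logXray's own code: the function names, the JSON state file and the ".1" rotated-file suffix are assumptions, and the sample log is constructed.

```python
import json
import os
import re
import tempfile


def _scan(path, offset, pattern):
    """Return (matching lines, new offset), reading complete lines after `offset`."""
    hits = []
    with open(path, "rb") as fh:
        fh.seek(offset)
        for raw in fh:
            if not raw.endswith(b"\n"):   # writer is mid-line: pick it up next check
                break
            offset += len(raw)
            line = raw.decode("utf-8", "replace").rstrip("\n")
            if pattern.search(line):
                hits.append(line)
    return hits, offset


def check_log(log_path, state_path, regex, rotated_suffix=".1"):
    """One periodic check: scan only entries added since the previous check."""
    pattern = re.compile(regex)
    try:
        with open(state_path) as fh:
            state = json.load(fh)
    except (FileNotFoundError, ValueError):
        state = None                      # first run: scan the whole file
    st = os.stat(log_path)
    hits, offset = [], 0
    if state and state["inode"] == st.st_ino and st.st_size >= state["offset"]:
        offset = state["offset"]          # same file, it only grew
    elif state:  # inode changed or file shrank: finish the rotated copy first
        old = log_path + rotated_suffix   # assumed rotation naming scheme
        if os.path.exists(old) and os.stat(old).st_ino == state["inode"]:
            hits, _ = _scan(old, state["offset"], pattern)
    new_hits, offset = _scan(log_path, offset, pattern)
    with open(state_path + ".tmp", "w") as fh:
        json.dump({"inode": st.st_ino, "offset": offset}, fh)
    os.replace(state_path + ".tmp", state_path)   # atomic state update
    return hits + new_hits


def demo():
    """Constructed sample log: check, append, rotate by rename, check twice."""
    with tempfile.TemporaryDirectory() as d:
        log, state = os.path.join(d, "app.log"), os.path.join(d, "app.state")
        with open(log, "w") as fh:
            fh.write("INFO start\nERROR disk full\n")
        first = check_log(log, state, "ERROR")
        with open(log, "a") as fh:
            fh.write("ERROR just before rotation\n")
        os.rename(log, log + ".1")
        with open(log, "w") as fh:
            fh.write("INFO new file\nERROR after rotation\n")
        second = check_log(log, state, "ERROR")
        third = check_log(log, state, "ERROR")
    return first, second, third
```

Comparing the saved inode with the rotated file's inode is what lets the second check pick up the entry written just before rotation; a checker that tracks only a byte offset would restart at the new file and miss it.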

How easy is it to set up log file checks / log file monitoring for log files using LoGrobot?

It is very easy to set up log file checks through LoGrobot.

You can literally start monitoring your logs within seconds of purchasing, downloading and unzipping the LoGrobot tool.  That is one of the many benefits of having a versatile tool that can act either as a plugin or a standalone system, without forcing users to break a sweat!

logXray was built specifically for use by every UNIX user (i.e. system administrators, developers, DBAs, monitoring engineers) - those who interact with the command line on a frequent basis.

And if you're a web interface (point and click) kind of user, don't you worry.  We thought about you too!

Some of my Log files do not have a date format.  Can LoGrobot monitor these types of logs?

Yes!

 

After downloading LoGrobot / logXray will you assist me if I need any help?

Absolutely!  Support is already included in the purchase price...so we recommend taking advantage of it.

Do I Have to use LoGrobot with Nagios, Graphite or Cacti or any specific monitoring application?

Absolutely not.  LoGrobot does not rely on any other application in order for it to monitor and alert on logs.

Graphing:  To graph log files, you will need to install Cacti, Graphite or a similar application.  LoGrobot can help with the automated install of Cacti and Graphite.  Contact us for more information!

If I want to install Nagios, Cacti / Graphite, will you provide help with the installation?

Absolutely! We have an automated utility in our arsenal called "kinglazy" which will install both applications for you.  The sole purpose of this tool is to make life tremendously simple for the stupendously lazy ones amongst us.  This tool will relieve you of the tedious responsibility of having to labor over complex configuration procedures. 

However, for the kinglazy tool to be of any use to you (as far as the installation of the applications is concerned), all we ask is that you have a fresh install of Ubuntu (if you wish to install Graphite) or a fresh install of Red Hat/CentOS (for those wishing to install Nagios and/or Cacti). 

Once you have the freshly installed OS in place, all you have to do next is put the shell script we give you on the new host and run it.  The script will do everything else for you.  No silly questions, no reading of confusing installation steps.  The script will handle all that for you!

Do you really have to have a fresh install of Ubuntu / Red Hat?  No. But we highly recommend it!

What exactly is the NagiosLogMonitor (nlm) tool?

NagiosLogMonitor (nlm) is the plugin that interprets the output produced by LoGrobot / logXray. 

Note, you do not have to have Nagios installed in order to use it.  You can run it through CRONTAB as well.

UPDATE:  If using Nagios with NRPE to monitor your remote hosts, the NagiosLogMonitor (nlm) is not needed.  This is because the latest version of logrobot (known as logXray) is built with its own interpreter which renders the old NagiosLogMonitor unnecessary.  If you are not using NRPE in your environment, and don't wish to set it up for whatever reason, then you can just use the free custom agent included with the logXray package.

 

How much is LoGrobot?

Please see the table at the bottom of the home page for a list of available options.

Are there any log monitoring situations LoGrobot will not be able to handle?

No.  LoGrobot / logXray has years of real life situations built into it. It has been heavily tested in QA, DEV, PrePROD and PROD environments. The tool as it is, is highly versatile and able to handle any situation you throw at it.

 

Is there a Money Back Guarantee?

Yes.  There is a 30 Day Money Back Guarantee.  If you're not satisfied for any reason with the LoGrobot tool, by all means, please let us know.  We stand proudly by our product and the time-saving, labor-eliminating services it delivers.

After downloading LoGrobot, can I submit requests to add custom / personalized features?

Absolutely.  We usually complete custom development requests within 24 to 72 hours of submission. 

If your request isn't of an urgent nature, please state so in your email. 

NON-Urgent email requests will be completed within 5 business days.  Contact us for more information.

I want to monitor log files on ALL my UNIX servers  - What must I do?

Here are the simple steps you need to take for that to happen:

If using NRPE:

  1. Copy the logXray zip file you just purchased to the hosts on which you have log files to monitor

  2. Unzip the logXray.zip file

  3. Put the unzipped tool into whichever directory you consider your plugins or scripts directory

  4. Define an entry in the nrpe.cfg file

  5. Restart the nrpe process on the host

And that's it.

 

If using the Custom Monitoring Agent that comes with logXray:

Place LoGrobot on all your UNIX machines.  Installation is very simple:

  • Copy the logXray.zip file to each one of the hosts that you have log files on.

  • Unzip the logXray.zip file, then run the installation command.

Basically, here’s all you have to do on each of your UNIX Hosts:

  1. unzip logXray.zip ; cd logXray

  2. ./InstallAgent.sh     /var/tmp/logXray     1040     10.20.30.40

Explanation of the parameters:

  • /var/tmp/logXray is the default location logXray will be installed.

  • 1040 is the TCP port number on which the MASTER server will connect to each remote host

  • 10.20.30.40 will be the IP of the MASTER server (the primary monitoring server)

Installation Completed!

Can I generate professional Excel Reports on the history of log file alerts received?

Yes.  If you wish to generate a report on a specific timeframe, run a command similar to either of these:

If you dislike the idea of having to type or remember syntaxes, simply spring up the logXray web interface and click on the button for reports.

 

Can I monitor multiple strings in the same log file instead of searching for them separately?

Yes. Below is a screenshot of logXray being used to monitor 6 different strings within 1 log file.

http://logrobot.com/Critical_Out_Of_Memory_Error_Multiple_Strings.png

 

What makes LOGROBOT / logXray Superior to other Log Monitoring tools?

  • Simplicity - It does not require an extensive learning process to get used to. Extremely user-friendly!

    • Unlike any of our competitors, we built LoGrobot / logXray to cater directly to the everyday needs of the typical:

      • System Administrator - Watch system logs, security logs, mail logs and basically any other system related log file

      • Database Administrator - Watch as many database log files as is necessary - Alert when specific patterns/error codes are found

        • Be able to easily specify exclusion patterns in areas where you wish to eliminate unnecessary noise

      • Monitoring Engineer - Spin up new log monitoring checks very quickly without having to develop them yourself!

      • Developers - Monitor important log files for errors or activity during code testing, Get alerts and / or watch progress on live graphs

  • Versatility - It can be used either as a plugin or its own standalone monitoring system

    • It can be used directly on the command line to perform a wide range of different operations on log files & directories

    • Unlike most UNIX utilities, many of LoGrobot's functions can also be utilized from a Web Interface

      • perfect for those who prefer to just point and click, rather than type!

  • Compatibility - With either Zabbix, Zenoss, Nagios or CRONTAB, the scheduling of multiple different log checks is effortless and dependable

  • Support - All users of LOGROBOT receive free support (custom development / live assistance)

    • When it comes to the monitoring of log files and the management of alerts on them, we understand there is an infinite number of ways things can be done

      • With LoGrobot / logXray, our users are given the chance to request the development of custom features for free

        • These customer specific features will be tailored specifically towards each individual user need

          • In areas where we determine a newly requested feature will be useful to the general public, we will add it to future releases of the LoGrobot suite!

  • Command line Usability - All necessary parameters are passable directly from the command line - No configs!

  • Modules - Unlike most tools, it does not require the installation of nonnative modules or libraries to the system

    • What that means is, there is nothing complicated for you to deal with

  • Affordable - An inexpensive log monitoring tool considering the amount of work it will save you - No more scripts for you to write!

  • Maintenance - Constantly updated for added simplicity, building of new features & polishing of the old

  • Speed - Completes scanning of log files in under 1.5 seconds, even files that are several hundred Megabytes / Gigabytes in size

  • Alerting - Its sole purpose is to monitor log files & alert on anything about them...i.e. content, size, timestamp etc

  • UNIX BASED - Written specifically for UNIX - Only uses resources that are native to the UNIX Operating System

 

What is logXray?

logXray is the upgraded / fully-featured version of LoGrobot which can be used on any UNIX system (Linux, AIX, SunOS, HP-UX).

How Fast is logrobot / logXray?

Very fast!  LoGrobot completes its periodic scanning of log files within 0.2 to 1.5 seconds.  Listed below is some of the information provided each time a log check runs:

  • number of errors found,

  • number of new lines added to the log,

  • total number of lines in the log,

  • log size at the latest log check

  • range of lines scanned within the log file

  • timeframe within which the status of the latest log check is based upon

  • seconds within which the latest errors / entries in log file were detected

  • automatically detects log rollover - prevents missing errors between checks

  • equipped with several features that do MORE than just monitor log content

What options do I have to purchase LoGrobot / logXray?

  • To monitor unlimited logs on an unlimited number of UNIX hosts and servers, click the option for $109.95.

    • Price may change without notice.

NOTE: This is a one-time fee.  You need not worry about making recurring payments.

Additional Benefits all users of logXray/LoGrobot receive:

  1. Email Support / Instant Messaging – We’ll do the work for you via Live Chat!

    • Ask us any question, we'll chat live with you one on one or send you detailed responses via email - the preference is yours

     

  2. Free Code Development – Ask us to develop any custom feature…just for you!

    • Send us your customization requests – Get the new version of logXray containing your requested features in under 72 hours…or less!

     

  3. Latest Updates / Upgrades – Get the newest features available!

 

I want to be able to also VIEW log files on all my hosts from ONE Web Interface

LOGROBOT comes with a PHP Web Interface that enables you to specify which host a log file is on, what TCP port you wish to connect to on that host, and where the log file is located on the host.   The benefit of this feature is that you DON'T have to manually log in to any server in order to view the contents of the log files on that server. 

This feature basically eliminates the tedious task of having to type passwords repetitively to gain access to several servers.  It eliminates the need to generate tokens or to tamper with ssh config files. None of that is necessary.  If you want to view a particular log file on host x, simply bring up the PHP Web Interface, type in the host name, the location of the log file, what port to connect to, then hit submit!

Supported Log Files

  • Will all my logs be supported?

    Yes, all log types / log formats are supported. 

    Some of the supported log files are listed below:

    • Tomcat Catalina.out logs

    • Apache Maxclient logs

    • Apache access logs

    • Apache error logs

    • OutOfMemory logs

    • JBoss log files

    • Java log files

    • Weblogic logs

    • Glassfish logs

    • Syslog log monitor

    • Maillog / Postfix / Syslog log files

    • Mysqld / Oracle Alert logs

    • Log4j

    • NEW FEATURE: Monitor any type of log file regardless of format

     

Unlimited UNIX Hosts / Servers

Monitor / Alert / Analyze / Graph / Report

5 Tools in One - Use ONE Utility for All Log Monitoring Tasks!

Real Time Log Monitor - Utilize Graphs to see up to the Minute Details

autonda  /  autodoc  /  autofig  /  autoblz

Keep a constant Robotic Eye on all Log File Events

Remote Agent Included: Enables Centralized monitoring of remote logs!

Monitor Unlimited Log Files on Unlimited UNIX Hosts / Servers

Use with Zabbix, Zenoss, Nagios, Crontab (or any other application)

Free Support: Development Requests / Live Assistance!

Instant Download!

$109.95 (Fully Featured Log Monitoring Suite)

Monitor single patterns / keywords in one log file

Monitor multiple different patterns in the same log file (with no configs)

Monitor Log Timestamps, Growth, File Size & Directory File Count

View log files in timeframes (no more random tailing of logs)

Generate Spreadsheets / Reports on past Log Monitoring Alerts

Monitor different patterns in a directory of logs...with one check!

Graph, Analyze & Alert on Linux / UNIX log files Automatically!!

Simplify / Automate all day-to-day log monitoring tasks and much more!

(Automated Install & Configuration of Graphite (statsD/collectd) Included)

One-Time Fee / No Recurring Monthly Payments!

The DOWNLOAD Process will begin immediately after payment has been completed.  Contact us at Support@Logrobot.com if you have any questions or customization requests.
