logrider for Linux

LogRider is my attepmpt to improve a popular LogCheck/LogSentry utility. LogCheck uses egrep for periodically scanning system logs for specific alert/hacking signatures based on set of static filters. LogRider is rewritten from scratch with lot of important features added:

1. Strings caught by any filter are excluded from processing by next filters.
2. Actual filters are composed from the set of small sub-filters located in directories that name is given as filter name. Each subfilter contains messages generated by one service. You can easily put additional filters for checking additional services without modification of already existing program and configuration.
3. Configuration is separated from program and moved to standalone file. This means that LogRider may be easily adopted to new platform without modification of program core, and may be easily used for checking multiple logfiles by different filters.
4. LogTail is now shell script, not binary. This means that LogRider don't requires building stage and is ready-for-use immediately after installation.

Source files

Filename	Time	MD5
logrider-0.2.zip	Mon Feb 9 03:29:49 MSK 2004	1fdd4fd0f0ad92acbacd8453a9f6221d
logrider.spec	Mon Feb 9 03:29:35 MSK 2004	9c2eb426ca32798e0fe2bf9c9aa15ca5

RPM packages (source and binary)

Package	Size	Summary	MD5
logrider-0.2-2.noarch.rpm	20525	Check log files for security violations	ba2476023b1fd1e013e243e9fca006f9
logrider-0.2-2.src.rpm	17440	Check log files for security violations	d94657f0e9cd10214211b749efe8b76b

Last changed at 09 February 2004 MSK 03:15
Have comments? Mail me: ilya_evseev AT mail TOCHKA ru.