pwatch

pwatch is a simple log monitoring script that I wrote up, originally for use on my MythTV Backend. You see, I needed something that could comb through log files and then, for specific types of events, email me alerts to let me know that “interesting” (read: bad) things were going on.

The script itself uses a simple, Apache-style configuration file for selecting files to monitor, and events to trigger on.

Configuration Example

DatabasePath /var/run/pwatch/pwatch.db

SmtpServer smtp.server.com
EmailFrom root
EmailTo sysadmin
EmailTitle This Server

EmailOnError true

<Logfile /var/log/mythtv/mythbackend.log>
  DatePattern ^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d)

  <Trigger>
    Pattern (Error: select timeout - ivtv driver has stopped responding)
    Action email
    Severity error
  </Trigger>

  <Trigger>
    Pattern (IOBOUND end)
    Action email
    Severity error
    Run /usr/bin/iotop -b -n 1
  </Trigger>
</Logfile>

<Logfile /var/log/kern.log>
  DateFormat kern
  Tail 10

  <Trigger>
    Pattern (raid.: Disk failure on .*?, disabling device\.) 
    Action email
    Severity error
  </Trigger>
</Logfile>

Downloads

Download the script here: pwatch

Documentation

I use perldoc. Just run perldoc on the script for usage information, more detailed configuration documentation, etc.