Real-time log inspection
Inspector General
The End Is Nigh
As you have seen, Teler is a highly useful addition to any security toolbox. If you want to experiment with real-time log scanning – as opposed to reading from saved logfiles – then the docs point you to stdbuf [8], which adjusts the buffering of a command's standard streams so that data is passed along a pipeline as it arrives:
$ tail -f access.log | stdbuf -oL cut -d ' ' -f1 | uniq
Combined with the tail command, such a pipeline formats the entries into a useful layout that scripts and other applications can use.
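To see why the stdbuf call matters when a filter sits between tail and a real-time consumer, here is an added example (not code from the article or the teler project) that feeds constructed log lines into a running pipeline and counts what the consumer has received before the pipeline exits. It assumes GNU coreutils on Linux and stands a plain cat in for a consumer that reads its log stream from standard input, as teler does:

```shell
#!/bin/sh
# Added example, not code from the article or from the teler project.
# Assumes GNU coreutils (stdbuf, timeout, tail -f) on Linux.
#
# A filter such as cut fully buffers stdout when it writes to a pipe, so a
# real-time consumer downstream (teler reading stdin, or here a plain cat)
# sees nothing until about 4 KiB accumulate or the filter exits.
# stdbuf -oL switches every stdio-based stage in between to line buffering.

# Constructed Common Log Format lines with documentation-range addresses.
LOG_LINES='203.0.113.10 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326
203.0.113.10 - - [10/Oct/2023:13:55:37 +0000] "GET /style.css HTTP/1.1" 200 512
198.51.100.7 - - [10/Oct/2023:13:55:38 +0000] "GET /robots.txt HTTP/1.1" 404 0'

# lines_seen_live FILTER
# Runs "tail -f LOG | FILTER | cat > OUT" for a few seconds, appends the
# sample lines while it is running, and prints how many output lines the
# consumer had received *before* the pipeline shut down and flushed.
lines_seen_live() {
    log=$(mktemp) || return 1
    out=$(mktemp) || return 1
    # timeout ends tail (and with it the whole pipeline) after 4 s.
    ( timeout 4 tail -n 0 -f "$log" | eval "$1" | cat > "$out" ) &
    sleep 1                             # let tail start following the file
    printf '%s\n' "$LOG_LINES" >> "$log"
    sleep 2                             # give the stages time to react
    seen=$(wc -l < "$out")              # what arrived while still live
    wait                                # let the pipeline finish and flush
    rm -f "$log" "$out"
    echo "$seen" | tr -d ' '
}

# Block-buffered filter: nothing reaches the consumer in time (prints 0).
lines_seen_live "cut -d ' ' -f1"
# Line-buffered stages: both unique client addresses arrive live (prints 2).
lines_seen_live "stdbuf -oL cut -d ' ' -f1 | stdbuf -oL uniq"
```

Note that uniq needs its own stdbuf -oL here because it too writes to a pipe; the man page example omits it only because uniq is the last stage and writes to a terminal, which is line buffered by default.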
I will be keeping an eye on Teler as new features and supported formats are developed in later versions.
Infos
- [1] Logwatch: https://www.admin-magazine.com/Archive/2015/25/Lean-on-Logwatch
- [2] Teler: https://github.com/kitabisa/teler
- [3] Teler release page: https://github.com/kitabisa/teler/releases
- [4] Docker Engine: https://docs.docker.com/engine/install
- [5] Teler config example: https://github.com/kitabisa/teler/blob/master/teler.example.yaml
- [6] Common log format: https://en.wikipedia.org/wiki/Common_Log_Format
- [7] Teler resource collections: https://github.com/kitabisa/teler-resources
- [8] stdbuf: https://linux.die.net/man/1/stdbuf