# How executing an action after an log



## sai (Feb 11, 2009)

Hello communauty,

Is that possible to executing an action just after a new log message, when this message match a regex, thanks to a shell script?

For example when FreeBSD kernel add a new log message (in /var/log/kern.log for instance), a script parse it and if this message match a specific word, an action is accomplished...

Many thanks


----------



## danger@ (Feb 11, 2009)

take a look at security/bruteforceblocker


----------



## Mel_Flynn (Feb 11, 2009)

danger@ said:
			
		

> take a look at security/bruteforceblocker



That's specific for bruteforce attacks. To answer the original question:
sysutils/grok


----------



## danger@ (Feb 11, 2009)

You are right that the script itself is bruteforce-specific, however the implementation can be adapted to anything else....


----------



## sai (Feb 12, 2009)

Thank you!


----------

