| The Samhain Host Integrity Monitoring System | ||
|---|---|---|
| Prev | Appendix C. Configuration file syntax and options | Next | 
Section heading:
[Logmon]
LogmonActive=boolean — 'true' to switch on, 'false' to switch off.
LogmonInterval=seconds — Interval between checks (default 10).
LogmonWatch=TYPE:path[:format] — File to monitor.
LogmonHidePID=boolean — Suppress PID in syslog messages, 'true' to switch on, 'false' to switch off.is an option
LogmonQueue=label:[interval]:(sum|report):severity — defines defines an output queue.
LogmonHost=(perl)regex — Causes the following rules to be applied only to entries for this host(s).
LogmonEndHost — Explicitely ends a preceding LogmonHost directive.
LogmonGroup=(perl)regex — Causes the following rules to be applied only if the group regex matches.
LogmonEndGroup — Explicitely ends a preceding LogmonGroup directive.
LogmonRule=queue_label:(perl)regex — matches a logfile entry against the provided regular expression.