HowTo: Remote log monitoring with Growl

I have a G4 server sitting headless under a desk that acts as a router and fileserver. I’d like to monitor its log events without being physically logged in to the machine — luckily, Growl is an application designed to do just that.

To get started, install Growl on both the client and server machines, and be sure to install the command-line utility growlnotify as well.

Next, ssh to the server and check your ~.profile to see if /usr/local/bin is in the path. If not, edit ~.profile and add

export PATH="/usr/local/bin:${PATH}"

Next, sudo -s to get the root console, cd to /usr/local/bin, then touch growltail and chmod 755 it. Open growltail in your text editor of choice and add the following lines:

#!/bin.sh
while read; do
echo $REPLY | growlnotify -n ServerName --udp --host ClientIP
done

Open the Growl preference pane on both server and client machines and make sure it’s running and set to start up at login. On the client, go to the Network tab and ensure that both “Listen for incoming notifications” and “Allow remote application registration” are selected. On the server, select “Forward notifications to other computers” and check the box next to your client computer name.

To test, type echo “foo” | growltail on the server. If the message appears in a notification on the client, you’re ready to go! Simply pipe tail’s output for your various log files:

tail -n 0 -F /var/log/system.log | growltail &
tail -n 0 -F /var/log/secure.log | growltail &

Now you can relax and be secure in the knowledge that system-level events on the server aren’t going unnoticed.