Logtfy

Simple log monitoring service that uses ntfy for alerts.

Details

Logs from a specified source are continuously monitored, parsed, and used to trigger alerts that are posted to a ntfy topic.
This is done through packages called modules - each module represents a specific source of logs.
- For example, the ssh_logins module is used to monitor SSH logs and send an alert when someone logs in via SSH.
- Modules are stored in the modules directory and each module must contain these 2 files:
  - logger.sh: Defines the log message source (continuously outputs log messages).
  - parser.sh: Parses an individual log and decides whether it should trigger a ntfy alert (if so, this script print a specifically formatted output containing the final alert data).
Alerts can be sent to a user-defined ntfy server/topic, with the option to fallback to a second server/topic in case of failure.

Create a copy of config.default.json and name it config.json.
Modify config.json to suit your needs.
- This file defines your ntfy.sh servers (server URL, credentials, and an optional prefix to append to all topic names).
  - You can define as many servers as you want, but only 1 to 2 are used (the main server, with an optional fallback).
- This file also defines changes to the default settings per module.
  - This includes specifying a different ntfy server (and fallback) to use, customizing the topic name, disabling modules, and adding additional data to use for log collection and parsing.
- Other details not mentioned - most property names are self-explanatory.
Optionally, create a copy of onExit.default.sh named onExit.sh and customize it - this file runs when the monitoring script exits for any reason. By default, it will attempt to send a ntfy alert to your configured server.
If you've enabled a module that grabs logs from a Kubernetes service, you'll need to run k8s/prep.sh.
Launch the service with run.sh
- Alternatively, you can use the Dockerfile to build and run a Docker image.
- You can also set it up to run as a systemd service using the example service config file logtfy.service.example.

Name		Name	Last commit message	Last commit date
Latest commit History 34 Commits
helpers.sh		helpers.sh
k8s		k8s
modules		modules
.dockerignore		.dockerignore
.gitignore		.gitignore
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
config.default.json		config.default.json
configParser.js		configParser.js
logtfy.service.example		logtfy.service.example
notify.js		notify.js
onExit.default.sh		onExit.default.sh
onModuleExit.default.sh		onModuleExit.default.sh
run.sh		run.sh
runModule.sh		runModule.sh