log2XMPP aims to forward syslog messages (received on an Unix socket) to a XMPP chatroom.

Main advantages over other tools like logcheck are that:

• you are notified in realtime (you don't have to wait for the next hourly/daily email report)
• your mailbox will not be filled by hundreds of spammy redundant email with the unread flag anymore if you don't read them for a week. It is easier to take a quick look at a one message per line chatroom backlog than to open each email to read its content
• you can use syslog filters to forward only ERROR message level, or only auth facility
• sending log messages in emails can be insecure and leak sensitive informations unless a) you have denied cleartext SMTP on your mail server and b) you don't use a third party email provider that you couldn't trust.

log2XMPP requires pyhton-sleekxmpp, python-regex and python-daemon.

On a Debian stable machine, install them with:

# apt install pyhton3-sleekxmpp python3-daemon python3-regex

Then put log2xmpp.py somewhere on your hierarchy (for example in /usr/local/bin/).

To make rsyslog send its log to an external Unix socket, you must load the omuxsock module in your rsyslog.conf:

module(load="omuxsock")
$OMUxSockSocket /var/run/log2xmpp/syslog.sock

Then, add a rule to forward messages to it:

• all messages:

  *.* :omuxsock:
  

• only auth and authpriv facility:

  auth,authpriv.* :omuxsock:
  

• and so on…

Also if you use to used logcheck to filtering out your log, log2XMPP can read logcheck's ignore rules in an arbitrary directory (but defaults to /etc/logcheck/ignore.d.server/) with --logcheck-filters option.

$ ./log2xmpp.py --help
usage: log2xmpp.py [-h] --jid JID [--jid-password PASS] --room ROOM
                   [--room-password ROOM_PASSWORD] [--syslog [SYSLOG_SOCKET]]
                   [--logcheck-filters [LOGCHECK_FILTERS]]
                   [-d {DEBUG,INFO,WARNING,ERROR,CRITICAL}] [-p PID]

Listen on unix socket and send syslog messages to XMPP chatroom.

optional arguments:
  -h, --help            show this help message and exit
  --jid JID             JID to use
  --jid-password PASS   JID password
  --room ROOM           XMPP chatroom to join
  --room-password ROOM_PASSWORD
                        optional chatroom password
  --syslog [SYSLOG_SOCKET]
                        listen on unix socket to syslog messages
  --logcheck-filters [LOGCHECK_FILTERS]
                        Use logcheck ignore filters
  -d {DEBUG,INFO,WARNING,ERROR,CRITICAL}, --debug {DEBUG,INFO,WARNING,ERROR,CRITICAL}
                        debug level
  -p PID, --pid PID     PID file

If not specified on the command line, JID password and optional ROOM password are read from environment variables JID_PASSWORD and ROOM_PASSWORD.

$ JID_PASSWORD='a secrete password' ./log2xmpp.py --jid [email protected] --room [email protected] -p /var/run/log2xmpp/log2xmpp.pid --syslog /var/run/log2xmpp/syslog.sock --logcheck-filters

TODO: create a systemd unit and a dedicated system user with permissions on /var/run/log2xmpp/.

I'll be happy to receive your bugfixes, suggestions and improvements.

IMPORTANT: the main repository is at https://gitlab.com/billux/log2xmpp. Please submit your bugreports and merge requests here and not at Github.

log2XMPP is released under the terms of the GPLv3 license.