File logsurfer.conf of Package logsurfer
#
# /etc/logsurfer.conf example file
#
#
# Fundamental base rule
#
#'.*' - - - 0 exec "/bin/echo $0"
#
# Example to scan for failed su to root
#
#'su: FAILED.*\(to root\)' - - - 0 exec "/bin/echo $0"
#
# Example: scan syslogs for isdn subsystem records about incoming calls
#
# Fields of a rule, in this order:
#   match_regex
#   not_match_regex
#   stop_regex
#   not_stop_regex
#   timeout
#   continue
#   action
#
# Possible actions:
#   ignore
#   exec
#   pipe    (the command gets the log line)
#   open    (new context)
#   delete  (clear context)
#   report
#   rule
# Rules acting on ISDN incoming-call lines ("kernel: isdn_tty: call from A -> B").
# Each rule gives match_regex, not_match_regex, stop_regex, not_stop_regex,
# timeout and the action; '-' stands where a field is not set.
#
# NOTE(review): the logged caller number is the only thing that authorises
# the commands below. The number is supplied by the calling side, and every
# pattern starts with '.*', so a line from any program that contains this
# text matches as well. Confirm that only the kernel can write such lines
# into the monitored log (local writers, remote syslog input), and consider
# matching the full syslog prefix instead of a leading '.*'.
# NOTE(review): the patterns are not anchored at the end, so '-> 2111' also
# matches a longer called number that begins with 2111. Add an end anchor
# once the exact tail of the log line is known.
#
# incoming call from my cell phone: dial on the interface as follows:
# NOTE(review): cinternet is given without a directory, unlike /bin/echo and
# /sbin/reboot elsewhere in this file. How it is located depends on
# logsurfer and its environment (confirm); an absolute path removes the doubt.
'.*kernel: isdn_tty: call from 1721234567 -> 2111' - - - 0 exec "cinternet -i dsl0 -A"
# call to the other phone number at home hangs up the dsl line:
'.*kernel: isdn_tty: call from 1721234567 -> 54321' - - - 0 exec "cinternet -i dsl0 -O"
# call to the third number: reset the box.
# reboot -n skips the sync and -f skips the normal shutdown, so unwritten
# data can be lost. This is the most disruptive action in the file and is
# triggered by the same unauthenticated log text as the rules above.
'.*kernel: isdn_tty: call from 1721234567 -> 54322' - - - 0 exec "/sbin/reboot -nf"
# calls, report them via mail to work, with the exception of those from the cellphone:
# match_regex takes every incoming-call line; not_match_regex drops the lines
# from the cell phone. The log line is piped to gpg, which encrypts it
# (-e, ASCII-armoured with -a) for recipient user@domain_key_name (-r), and
# the result is mailed to email@work.com.
# NOTE(review): with --batch gpg cannot prompt. If the recipient key is
# missing or not trusted in the keyring of the user logsurfer runs as, gpg
# presumably fails and mail sends an empty message. Verify the key once by
# hand. gpg and mail are also given without a directory.
'.*kernel: isdn_tty: call from .* -> .*' '.*kernel: isdn_tty: call from 1721234567 -> .*' - - 0 pipe "gpg --batch -ear user@domain_key_name | mail -s incoming_call email@work.com"