Listing 1. colortail.conf
# A list of all colors available. Each of these
# colors can be used as long as it's in the same
# format as shown below.
# COLOR magenta
# COLOR cyan
# COLOR green
# COLOR yellow
# COLOR brightred
# COLOR blue
# COLOR brightblue
# COLOR brightwhite
COLOR magenta
{
^.*(\[someisp.com\]).*$
^.*(HEAD /).*$
}
COLOR cyan
{
^.*(\[anotherhost.com.au\]).*$
^.*(GET /logs/).*$
^.*(GET /somedirectory/).*$
^.*(GET /anotherdir/).*$
}
COLOR brightyellow
{
# matches all ip adresses
^.*([0-9]{3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*$
^.*([0-9]{2}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*$
^.*([0-9]{1}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*$
# matches two ip adresses in one line
^.*([0-9]{3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*([0-9]{3}\.[0-9]{1,3}\.[0-9]{
1,3}\.[0-9]{1,3}).*$
^.*([0-9]{2}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*([0-9]{2}\.[0-9]{1,3}\.[0-9]{
1,3}\.[0-9]{1,3}).*$
^.*([0-9]{1}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*([0-9]{1}\.[0-9]{1,3}\.[0-9]{
1,3}\.[0-9]{1,3}).*$
}
COLOR brightred
{
# matches the word root
^.*(root).*$
# matches DENY
^.*(ppp-in DENY ppp0).*$
^.*(eth-in DENY eth0).*$
# System log information
^.*(authentication failure).*$
^.*(PAM_pwdb).*$
^.*(ftpd).*$
^.*(ssh).*$
^.*(ipop3d).*$
^.*(\[error\]).*$
^.*(LOGIN).*$
# CGI-BIN and PHP items
^.*(cgi-bin).*$
^.*(php).*$
^.*(php3).*$
}
Copyright © 1994 - 2018 Linux Journal. All rights reserved.