logspy.pl

izut on 2006-02-23T01:47:52

This week I've written a lot of code and documentation on logspy.pl. I'm planning to release it on SourceForge in about two weeks, after writing some example input and output modules.

logspy.pl is a rewrite of a project I wrote at work for parsing Postfix's logfiles on the fly. I figured out that it could be used to parse other logs, so I wrote a simple main engine and a plugin architecture for modular parsing, i.e. you will be able to use an input module like Logspy::Input::Messages to parse the syslog messages file (/var/log/messages) and output it to a MySQL database using Logspy::Input::Messages::MySQLDump, for example.

You can write your own modules for anything you want. At work, for example, we use a similar system that reads the /var/log/maillog file and then counts messages sent from authenticated users and messages received from external IP addresses. That data is used to generate iptables rules for spam prevention.

I'll make sure you'll know when I release it :)

Update: An English typo :)
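
The counting step described in the post, as an added example that is not part of the original post or of logspy.pl: it tallies authenticated senders and external client IPs from Postfix smtpd log lines and prints candidate iptables rules for review. The sample lines, the threshold, the internal address ranges and the function names are all assumptions made for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample lines in Postfix smtpd log format (not real traffic).
my $fmt   = 'Feb 23 01:4%d:01 mx postfix/smtpd[1234]: %s: client=%s[%s]%s';
my @lines = (
    sprintf($fmt, 0, '4F1A2B3C4D', 'unknown', '203.0.113.7',
            ', sasl_method=PLAIN, sasl_username=alice'),
    (map { sprintf($fmt, $_, "5A6B7C8D9$_", 'unknown', '198.51.100.20', '') } 1 .. 4),
    sprintf($fmt, 5, '6B7C8D9E0F', 'mail.example.net', '192.0.2.9', ''),
    'Feb 23 01:46:01 mx postfix/smtpd[1234]: connect from unknown[192.0.2.9]',
);

my $THRESHOLD = 3;                     # assumed limit per external client
my $INTERNAL  = qr/^(?:10\.|127\.)/;   # assumed internal address ranges

# Returns (\%by_user, \%by_ip): messages per authenticated user and
# messages per unauthenticated external client address.
sub count_messages {
    my (%by_user, %by_ip);
    for my $line (@_) {
        # Only smtpd lines that bind a queue id to a client count as a message.
        next unless $line =~
            m{postfix/smtpd\[\d+\]: [0-9A-Za-z]+: client=[^\[\s]+\[([0-9.]+)\](.*)$};
        my ($ip, $rest) = ($1, $2);
        if ($rest =~ /sasl_username=([^,\s]+)/) {
            $by_user{$1}++;
        } elsif ($ip !~ $INTERNAL) {
            $by_ip{$ip}++;
        }
    }
    return (\%by_user, \%by_ip);
}

# Builds rule text only; the address was already limited to digits and dots
# by the regex above, so nothing from the log reaches a shell unchecked.
sub iptables_rules {
    my ($by_ip, $limit) = @_;
    return map  { "iptables -A INPUT -s $_ -p tcp --dport 25 -j DROP" }
           grep { $by_ip->{$_} > $limit }
           sort keys %$by_ip;
}

my ($by_user, $by_ip) = count_messages(@lines);
printf "auth user %-15s %d\n", $_, $by_user->{$_} for sort keys %$by_user;
printf "external  %-15s %d\n", $_, $by_ip->{$_}   for sort keys %$by_ip;
print "$_\n" for iptables_rules($by_ip, $THRESHOLD);
```

The rules are printed rather than applied, so they can be checked against an allowlist of known relays before anything is blocked.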


Naming conventions

Random Logic on 2006-02-23T05:36:19

I've done some similar stuff, but mostly for very specific stuff.

Just 2 cents on the naming.

-) Input plugins can vary, so better have the namespace be prepared for it.

Logspy::Input::Message should probably be Logspy::Input::Syslog::Message if it parses syslog stuff

-) When logspy is writing in the DB I would recommend naming it Logspy::Output::Mysql which would be rather self-describing

Keep on going, I'm looking forward to the CPAN module.

But when you do a mysql dump, you should consider