Alertik: A tiny syslog server & event notifier for MikroTik routers
Posted: Tue Aug 13, 2024 3:14 am
Hi,
A few months ago, I attempted to programmatically retrieve logs from my hAP ac^2 and trigger notifications based on those logs. However, I was quickly frustrated to find that RouterOS does not have a native feature for this, and scripting solutions were inadequate due to the human-readable but difficult-to-parse date format. Adding to the complexity was the log polling, which made my script increasingly convoluted.
Unfortunately, I'm not alone in facing this issue, as evidenced by:
- viewtopic.php?t=198490
- viewtopic.php?t=184330
- viewtopic.php?t=148397
I then discovered that RouterOS supports a syslog client, which theoretically could resolve the issues with date parsing and polling. However, I did not want to dedicate a machine for this purpose. This led to the creation of Alertik: a simple, 395kB syslog server written in C, available as a Docker image and compact enough to run directly on my hAP ac^2 from its ramdisk.
Alertik is capable of receiving logs from RouterOS and triggering notifications based on log matches, whether through substring or regex. It is configurable via environment variables, supports custom messages, and integrates with Telegram, Slack, Discord, and Teams (with potential support for other services via WebHooks).
Project:
https://github.com/Theldus/alertik
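
The substring-or-regex matching on received syslog lines described above, as an added example that is not part of the original post and not Alertik's own code. It assumes BSD-style `<PRI>` framing on each datagram; the rule table, function names and sample log lines are constructed for illustration.

```c
/* Added example, not Alertik's source; rules and log lines are constructed. */
#include <ctype.h>
#include <regex.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct rule { int is_regex; const char *pattern; };
/* Hypothetical rule set: one substring rule, one POSIX extended regex rule. */
static const struct rule RULES[] = {
    { 0, "login failure" },
    { 1, "ether[0-9]+ link (up|down)" },
};

/* Split "<PRI>" (PRI = facility * 8 + severity); NULL if the prefix is malformed. */
const char *parse_pri(const char *msg, int *facility, int *severity)
{
    char *end;
    if (msg[0] != '<' || !isdigit((unsigned char)msg[1]))
        return NULL;
    long pri = strtol(msg + 1, &end, 10);
    if (*end != '>' || pri > 191)   /* 191 = highest valid PRI (23 * 8 + 7) */
        return NULL;
    *facility = (int)(pri / 8);
    *severity = (int)(pri % 8);
    return end + 1;
}

/* Index of the first matching rule, -1 for no match, -2 for a malformed datagram. */
int classify(const char *datagram)
{
    int fac, sev;
    const char *text = parse_pri(datagram, &fac, &sev);
    if (!text)
        return -2;
    for (size_t i = 0; i < sizeof RULES / sizeof RULES[0]; i++) {
        regex_t re;
        if (!RULES[i].is_regex) {
            if (strstr(text, RULES[i].pattern))
                return (int)i;
        } else if (regcomp(&re, RULES[i].pattern, REG_EXTENDED | REG_NOSUB) == 0) {
            int hit = regexec(&re, text, 0, NULL, 0) == 0;
            regfree(&re);
            if (hit)
                return (int)i;
        }
    }
    return -1;
}
int main(void) { printf("%d\n", classify("<30>Aug 13 03:15:00 router ether1 link down")); return 0; }
```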