Tailbeep opens a file (-f), seeks to the end, and watches for a string (-s). If the string is found, a beep is sent to the specified tty (-t) device. You can also daemonize (-d) it. It was written to watch /var/log/messages for the DENY string (to catch anyone trying to break into a firewall), but you can use it to watch any open file that gets appended to. You can also create a log if you like, so you can record the events, in long or short mode. Tailbeep requires write access to one of the tty devices on the console.