Try googling for "anomaly detection" - it's not such an flawed approach as some of the other posters suggest, and a Bayesian filter would probably be a helpful tool in detecting anomalies in your log file (be it intrusion attempts or error messages from whatever is running on your system)

You could probably easily roll your own Bayes-implementation for this sort of use that fits your problem better than the existing implementations on CPAN - as kvale says, they are (it is) mainly specialized in categorizing spam.

A challenge here could be that you can't necessarily just consider each event in the log as they arrive, but have to look at patterns and trends too to detect hack attempts and such. It's an interesting idea, please tell if something useful comes out of it.

Mats