The easy way is to use ssh like a filehandle:

my $verbose = 1;
my $r_cat = 'ssh %s cat "%s" |'; # host, file

sub r_open {
    my ($spec) = @_;
    my ($host,$file) = split /:/, $spec,2;
    my $cmd = sprintf $r_cat, $host, $file;
    print "Opening [$cmd]\n" if $verbose;
    open my $fh, $cmd
        or die "Couldn't open remote file: $cmd: $!/$?";
    $fh
};

my $fh = r_open('user@host:some/file');
while (<$fh>) {
    chomp;
    print "I read line '$_'\n";
};
[download]

As a second step, you might want to push some of the filtering steps onto the remote server to reduce the amount of data to be transferred:

my $verbose = 1;
my $r_grep = 'ssh %s grep "%s" "%s" |'; # host, re, file

sub r_grep {
    my ($re,$spec) = @_;
    my ($host,$file) = split /:/, $spec,2;
    my $cmd = sprintf $r_cat, $host, $re, $file;
    print "Opening [$cmd]\n" if $verbose;
    open my $fh, $cmd
        or die "Couldn't open remote file: $cmd: $!/$?";
    $fh
};

my $fh = r_grep( 'foo|bar', 'user@host:/some/other/file' );
while (<$fh>) {
    chomp;
    die "Weird line <$_>" unless /foo|bar/;
    print "Read line [$_]\n";
};
[download]

Update Fixed wrong order of split arguments

it's probably just a typo in your code, but it's

my ($host,$file) = split /:/,$spec,2;
[download]

and not:

my ($host,$file) = split $spec,/:/,2;
[download]

;-)

to ask a question is a moment of shame
to remain ignorant is a lifelong shame

I would consider re-using apps already available for this purpose like swatch and logwatch. Also instead of remotely log-in todo the queries I would centralize the logging to one host.

A good guide can be found at Logging with syslog-ng.

It might not be what you are looking for, just thought it might help.

$ ssh foo@server /usr/local/bin/grep -C 100 "the string you are lookin
+g for" /var/log/whatever
[download]