We propose a method for monitoring system logs on Linux servers. We use Jubatus which is a machine learning library to monitor logs on user logins of SSH. First Jubatus learns logs of authorised access. After that, Jubatus can tell logs of authorized access from logs of unauthorized access. We write Python programs to handle Jubatus and log data. This method provides a simple way for monitoring system logs compared with commercial software.