new addon: swatch - Simple log file watcher
authorJan Lentfer <Jan.Lentfer@ipfire.org>
Mon, 17 Jun 2013 09:05:59 +0000 (11:05 +0200)
committerJan Lentfer <Jan.Lentfer@ipfire.org>
Sun, 23 Jun 2013 21:16:21 +0000 (23:16 +0200)
commit85981472c3ef260141178afe9a006935ecb913e2
treebdd63e8579101c3e46430c924ec2b25aeebf83bd
parent2d528f3446dac6c8acdb75d9c76f621318d74c98
new addon: swatch - Simple log file watcher

http://sourceforge.net/projects/swatch/

With swatch you can easily monitor (growing) log files
in realtime and create email alerts based on log file content.

e.g. with a config file like this:
watchfor /Priority\: ([1|2])/
echo=normal
mail=alerts@your.domain,subject=[SNORT] Priority $1 Alert

and a swatch command like this:
swatch --daemon -c /var/ipfire/snort/swatchrc --input-record-separator='\n\n' -t /var/log/snort/alert

you can setup email alerts for SNORT alerts.

This still needs an active MTA (e.g. dma or postfix).
13 files changed:
config/rootfiles/packages/perl-Carp-Clan [new file with mode: 0644]
config/rootfiles/packages/perl-Date-Calc [new file with mode: 0644]
config/rootfiles/packages/perl-Date-Manip [new file with mode: 0644]
config/rootfiles/packages/perl-File-Tail [new file with mode: 0644]
config/rootfiles/packages/perl-TimeDate [new file with mode: 0644]
config/rootfiles/packages/swatch [new file with mode: 0644]
lfs/perl-Carp-Clan [new file with mode: 0644]
lfs/perl-Date-Calc [new file with mode: 0644]
lfs/perl-Date-Manip [new file with mode: 0644]
lfs/perl-File-Tail [new file with mode: 0644]
lfs/perl-TimeDate [new file with mode: 0644]
lfs/swatch [new file with mode: 0644]
make.sh