SUMMARY: syslog monitoring script

From: Stuart Kendrick (sbk@fhcrc.org)
Date: Tue Feb 18 1997 - 15:19:48 CST


I want to monitor syslog and respond appropriately -- page, e-mail -- upon
certain events, and I had questions about how to accomplish a particular
detail in my code.

The uniform response was not to reinvent the wheel but to use swatch,
PERL-based code produced at Stanford.

ftp://ftp.stanford.edu/general/security-tools/swatch
ftp://coast.cs.purdue.edu/pub/tools/unix/swatch/

I've implemented it, and in fact received a page late last night for a
particularly painful failure which it detected.

Thanks to:

Mark Bergman <bergman@phri.nyu.edu>
Rachel Polanskis <rachel@juno.virago.org.au>
Rich Kulawiec <rsk@itw.com>
Todd Boss <boss@netcom.com>
"Karl E. Vogel" <vogelke@c17mis.region2.wpafb.af.mil>
Andi Paton <apaton@wtl1.demon.co.uk>
Peter Bestel <peter.bestel@uniq.com.au>
Clemens Schmuck <clemens@wst.edvz.sbg.ac.at>
Rich Casto <rich@loopexpert.com>
David Steiner <dsteiner@brynmawr.edu>
John Stoffel <jfs@fluent.com>
Rasana Atreya <atreya@library.ucsf.edu>

--sk

Stuart Kendrick
Network Services
FHCRC



This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:11:46 CDT