I had wanted to do some log monitoring without reinventing the world, so I looked around for some log monitoring tools. I found logwatch, which was easy enough to download and install. Had a little problem with configuration, but since I was only interested in watching ssh logins I impleted a command to do just that.
In my looking around, I also found Swatch. Swatch is actually a PERL script. We had a very old very of PERL, so I downloaded and installed the latest from CPAN. I did this because Swatch kept asking for PERL modules which weren't in our version. Once I installed the latest version of PERL, I only needed an additional four modules which I installed. After that I was able to get Swatch up and running and used this command to start it:
/export/home/ramosg/localperl/bin/swatch --tail-file=/var/adm/messages --tail-args -f
Swatch also looks for a config file which I set up in my home directory:
.swatchrc
watchfor /Failed none for/
mail addresses=gregory.c.ramos
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment