swatch – alerting you of certain log entries
A few minutes before coding my own perl script, which would alert me on certain log entries, I’ve found a software which does it’s job very well.
It’s called swatch – yes, really impressing web site and lack of documentation, examples is tipical for a geek’s tool.
example config – very simple:
watchfor /Security violation occurred/
mail addresses=ninja@level13.org,subject="SWATCH warning - switch_name"
and the command line invocation:
# /usr/local/bin/swatch -c /usr/local/etc/swatch/switch_name.conf -t /var/log/syslog/switch_name.log --daemon --use-cpan-file-tail
–daemon for forking it in the background
–use-cpan-file-tail is needed so that the swatch will tail file even after it’s rotated by the rotating script, but make sure that the perl module File::Tail is installed
It can of course match multiple patterns (multiple watchfor sections) on the same log file, but you must run multiple instances of the software for tailing multiple log files.
Make sure to read swatch man page.
S.
Hi,
super tool, tole bo zelo uporabno.
http://sourceforge.net/projects/swatch
lpm