Great Circle Associates Firewalls
(June 1996)
 


Subject: Re: Ability To Track Logs
From: RHS Linux User <coy @ coy . com>
Date: Mon, 3 Jun 1996 18:14:54 -0500 (CDT)
To: ygerman <ygerman @ genre . com>
Cc: Firewalls <Firewalls @ GreatCircle . COM>
In-reply-to: <9606031534 . AA0078 @ grcstm-nx02 . genre . com>

On 3 Jun 1996, ygerman wrote:

> I am in a bind on how to accomplish something on our firewall.
> I would like to check the logs on the firewall continuously looking for certain 
> fields and based on the fields initiate an action. The action will be mail to a 
> different address depending on the field found.
> 
> Currently I am setting this up via a c shell script and doing a grep for certain 
> things every hour. The problem is I would like not to have to wait an hour. Has 
> anyone had any experience with this? Is there a way to accomplish this easier? 
> Please respond as soon as possible, thanks!

Have you considered Swatch (available at ftp://coast.cs.purdue.edu/pub/tools/unix/swatch)?  
It watches a log file and takes an action when a pattern matches. 

Chip Coy   coy @ coy . com   http://www.awebs.com/~coy/
"Do not mistake composure for ease." - Tuvok
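
The watch-and-act loop discussed in this thread, as an added Python example using only the standard library; it is not Swatch's code or configuration and was not posted by either participant. The log patterns, the example.com addresses and the names `LogFollower`, `build_alerts` and `watch` are assumptions made for illustration.

```python
import os
import re
import time
from email.message import EmailMessage

# Constructed rules: pattern -> recipient (patterns and addresses are placeholders).
RULES = [
    (re.compile(r"deny .* port 23\b"), "telnet-alerts@example.com"),
    (re.compile(r"authentication failure", re.I), "auth-alerts@example.com"),
]

class LogFollower:
    """Return complete lines appended since the last poll, across rotation/truncation."""
    def __init__(self, path):
        self.path, self.inode, self.offset = path, None, 0
    def poll(self):
        try:
            st = os.stat(self.path)
        except FileNotFoundError:  # mid-rotation: retry on the next poll
            return []
        if st.st_ino != self.inode or st.st_size < self.offset:
            self.inode, self.offset = st.st_ino, 0  # new or truncated file
        with open(self.path, "rb") as fh:
            fh.seek(self.offset)
            data = fh.read()
        end = data.rfind(b"\n") + 1  # a partial last line waits for the next poll
        self.offset += end
        return data[:end].decode("utf-8", "replace").split("\n")[:-1]

def build_alerts(lines, rules=RULES, sender="firewall@example.com"):
    """One EmailMessage per (line, rule) match, addressed to that rule's recipient."""
    alerts = []
    for line in lines:
        for pattern, recipient in rules:
            if pattern.search(line):
                msg = EmailMessage()
                msg["From"], msg["To"] = sender, recipient
                # Log text is attacker-influenced: keep only printable ASCII in the header.
                msg["Subject"] = "log match: " + re.sub(r"[^\x20-\x7e]", "?", line)[:60]
                msg.set_content(line)
                alerts.append(msg)
    return alerts

def watch(path, send, interval=5.0):
    """Poll forever; `send` takes an EmailMessage (e.g. an smtplib.SMTP send_message)."""
    follower = LogFollower(path)
    while True:
        for msg in build_alerts(follower.poll()):
            send(msg)
        time.sleep(interval)
```

The first poll reads the file from the beginning, so existing entries that match will also produce alerts.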



