Swatch Rules

From: Jason Lewis (jlewisat_private)
Date: Sat Aug 11 2001 - 22:44:05 PDT


    I have been looking for good resources for example swatch scripts.  I
    haven't had a lot of luck.  I know that examples are included... but they
    are pretty generic.  I am sure there are people out there using swatch to do
    things I never thought of.
    
    I will get the ball rolling with a couple I use, maybe others will want to
    share.
    
    These alert on Alteon alerts and notices.
    
    watchfor   /ALERT.*WebOS/
            echo normal
            mail =youat_private,subject= ALTEON: Alert
            throttle 05:00
    
    watchfor   /NOTICE.*WebOS.*<[^telnet]/
            echo normal
            mail =youat_private,subject= ALTEON: Notice
            throttle 05:00
    
    This alerts on PIX failover.
    
    watchfor /failover/
            echo bold
            mail =youat_private,subject=Failover on PIX
    
    This alerts on failed su attempts. This can get annoying if you have a lot
    of boxes and users.
    
    watchfor   /'su root' failed/
            echo bold
            mail =youat_private,subject=Failed root password for su
            throttle 01:00
    
    This alerts on file system full.  The throttle is 30 minutes, you can really
    get a lot if this is less than 30 minutes.
    
    watchfor   /file system full/
            echo bold
            mail=youat_private,subject=File system Full
            throttle 30:00
    
    If there is enough interest and contribution, I will put it all together on
    the web for reference.
    
    Jason Lewis
    http://www.packetnexus.com
    It's not secure "Because they told me it was secure".
    The people at the other end of the link know less
    about security than you do. And that's scary.
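
An added example, not part of the original post: the second Alteon rule uses `<[^telnet]`, which is a negated character class (any one character other than t, e, l or n), so it also skips every notice whose tag merely starts with one of those letters. The sketch below compares it with a negative lookahead, assuming the intent was to suppress only telnet notices; the sample lines and tag names are constructed.

```python
import re

# Pattern as posted. swatch evaluates it as a Perl regex; Python's re handles
# these constructs ([^...], .*, (?!...)) the same way.
POSTED = re.compile(r"NOTICE.*WebOS.*<[^telnet]")

# Assumed intent: alert on every notice except those tagged <telnet>.
# A negative lookahead rejects the whole word, not individual letters.
LOOKAHEAD = re.compile(r"NOTICE.*WebOS.*<(?!telnet>)")

# Constructed sample lines; the <tag> names are hypothetical, not real Alteon output.
SAMPLE = [
    "Aug 11 22:40:01 lb1 NOTICE WebOS <telnet>: admin login from 10.0.0.5",
    "Aug 11 22:41:17 lb1 NOTICE WebOS <slb>: real server 10.0.0.21 operational",
    "Aug 11 22:42:30 lb1 NOTICE WebOS <ntp>: clock synchronised",
    "Aug 11 22:43:02 lb1 NOTICE WebOS <link>: port 3 down",
]


def tag(line):
    """Return the text between < and > in a sample line."""
    return line.split("<", 1)[1].split(">", 1)[0]


def compare(lines):
    """Map each tag to (posted pattern fires, lookahead pattern fires)."""
    return {tag(l): (bool(POSTED.search(l)), bool(LOOKAHEAD.search(l))) for l in lines}


def silently_dropped(lines):
    """Tags the lookahead rule would alert on but the posted rule never sees."""
    return [t for t, (posted, wanted) in compare(lines).items() if wanted and not posted]


if __name__ == "__main__":
    for t, (posted, wanted) in compare(SAMPLE).items():
        print(f"<{t:6}> posted={posted!s:5} lookahead={wanted}")
    print("dropped by [^telnet]:", silently_dropped(SAMPLE))
```

Because swatch patterns are Perl regexes, the same lookahead can be used directly inside a `watchfor` line; with more than one `<` on a line, the leading `.*` lets either pattern match at any of them.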
    
    



    This archive was generated by hypermail 2b30 : Sun Aug 12 2001 - 08:12:47 PDT