I have a program, somewhere, that read a file of regular expressions on startup. These were then compared against a file, in this case /var/adm/messages, with hits sent via SNMPv1. The script is written in Python and was typically used with a tail -f against the log file. Would a variation of this work for your needs? -W -- New England Information Security Users Group - http://www.neisug.com Regional Electronic And Computer Crimes Taskforce - http://www.reacct.org ...... Original Message ....... On Mon, 16 Dec 2002 05:32:38 +0000 (GMT) Tina Bird <tbird@precision-guesswork.com> wrote: >may still be interesting. > >anyone out there have a tool that can parse syslog data (or anything text >based, i guess) and send an alert if a particular message does >not< show >up? > >thanks -- tbird > >"Our duty, as living things, is to be sure that pain is not our whole >story, for we can choose to be otherwise....we can choose to dance." > -- from "Six Moon Dance," by Sheri Tepper > >http://www.shmoo.com/~tbird >Log Analysis http://www.loganalysis.org >VPN http://vpn.shmoo.com > >_______________________________________________ >LogAnalysis mailing list >LogAnalysisat_private >http://lists.shmoo.com/mailman/listinfo/loganalysis > _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Wed Dec 18 2002 - 18:36:09 PST