Hi,
We're running swatch on linux as well. Here is how our mail fields look:
watchfor /Too many open files in system/
echo
exec echo $0 | mail hhoffmanat_private
exec echo $0 | mail -s\"Out of files on Server, please reboot\"
operators\\@auckland.ac.nz
throttle 30:00
HTH,
Harry
Quoting swatch swatch <swatch_5at_private>:
*> #swatchrc file in /var/log
*>
*>
*> # Bad login attempts
*> watchfor /failed/
*> echo bold
*> mail addresses=meat_private,subject=Failed
*> Authentication
*>
*> #Sniffing Attempts
*> watchfor /promiscuous/
*> echo bold
*> mail addresses=meat_private,subject=Someone is sniffing
*> syslog server
*>
*> # Kernel problems or system reboots
*> watchfor /panic|halt/
*> echo bold
*> mail addresses=meat_private,subject=System Reboot
*>
*>
*>
*>
*>
*>
*> _________________________________________________________________
*> MSN 8 with e-mail virus protection service: 2 months FREE*
*> http://join.msn.com/?page=features/virus
*>
*> _______________________________________________
*> LogAnalysis mailing list
*> LogAnalysisat_private
*> http://lists.shmoo.com/mailman/listinfo/loganalysis
*>
--
Harry Hoffman
ITSS Systems Team Leader
University of Auckland
hhoffmanat_private
hhoffman@ip-solutions.net
STANDARD DISCLAIMER:
**********************************************
*This universe shipped by weight, not volume.*
*Some expansion may have occured in shipping.*
*********************************************
-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/
_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Jan 02 2003 - 18:46:54 PST