Re: [logs] swatchrc file

From: Ed Schmollinger (schmolliat_private)
Date: Sat Jan 04 2003 - 09:39:57 PST


    On Fri, Jan 03, 2003 at 03:52:44PM +0000, swatch swatch wrote:
    > This is how my mail field looks:
    > 
    > # Bad login attempts
    >       watchfor /failed/
    >                echo
    >                exec echo $0 | mail meat_private
    >                exec echo $0 | mail -s\"Authentication Failure\"
    >        operators\\@mycompany.com
    > 
    > And here is the output I get when I run the command:
    > 
    > # /usr/local/bin/swatch -c /var/log/swatchrc -t /var/log/messages
    > Can't find string terminator '"' anywhere before EOF at 
    > /root/.swatch_script.24287 line 477.
    
    swatch works by parsing your config file and generating the "real"
    parser script from the instructions therein.  Generally speaking, when
    you see an error message about '"' from the sub-script
    (/root/.swatch_script.24287, in your case,) what you're seeing is a
    problem with the quoting in your swatchrc.  It is a big enough pain to
    work with that I'd recommend you eschew the '"' character whenever
    possible.  You also should not need to escape the characters '$', '@',
    or '%' in an exec.  swatch does that for you.
    
    Try this:
    
    --- CUT HERE ---
    # Bad login attempts
    watchfor /failed/
    	echo
    	exec echo $0 | mail meat_private
    	exec echo $0 | mail -s 'Authentication Failure' operatorsat_private
    --- CUT HERE ---
    
    > I try and open .swatch_script.24287 with vi and it is an empty file (why 
    > does it say the error is on line 477)?
    
    swatch removes the sub-script after the sub-script finishes executing
    (whether the sub-script errored out or not.)  You can generate the
    sub-script any time by adding --dump-script to your swatch command.
    
    -- 
    Ed Schmollinger - schmolliat_private
    
    
    

    _______________________________________________ LogAnalysis mailing list LogAnalysisat_private http://lists.shmoo.com/mailman/listinfo/loganalysis
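
An added example, not part of the original message and not swatch's own code: a heuristic lint for the quoting pitfalls the reply describes (backslash-escaped double quotes, escaped `$`, `@` or `%`, and unbalanced `"` on action lines). The function name and the sample input, constructed from the two configs in the thread, are assumptions for illustration.

```python
import re

# Heuristic checks only; this does not reproduce swatch's own parser.
PATTERN_LINE = re.compile(r"^\s*(watchfor|ignore)\b")
ESCAPED_QUOTE = re.compile(r'\\+"')
ESCAPED_SIGIL = re.compile(r"\\+[$@%]")

# Constructed sample input: the config quoted in the thread.
BROKEN = r'''# Bad login attempts
watchfor /failed/
    echo
    exec echo $0 | mail meat_private
    exec echo $0 | mail -s\"Authentication Failure\"
    operators\\@mycompany.com
'''

# Constructed sample input: the config suggested in the reply.
FIXED = r"""# Bad login attempts
watchfor /failed/
    echo
    exec echo $0 | mail meat_private
    exec echo $0 | mail -s 'Authentication Failure' operatorsat_private
"""


def lint_swatchrc(text):
    """Return (line_number, message) findings for non-pattern lines."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if PATTERN_LINE.match(line):
            continue  # regexes may legitimately contain backslashes
        if ESCAPED_QUOTE.search(stripped):
            findings.append((lineno, "backslash-escaped double quote"))
        if ESCAPED_SIGIL.search(stripped):
            findings.append((lineno, "escaped $, @ or %"))
        # Count only the double quotes that are not backslash-escaped.
        if ESCAPED_QUOTE.sub("", stripped).count('"') % 2:
            findings.append((lineno, "unbalanced double quote"))
    return findings


if __name__ == "__main__":
    for lineno, message in lint_swatchrc(BROKEN):
        print(f"line {lineno}: {message}")
```

Line numbers refer to the swatchrc itself, not to the generated sub-script named in the Perl error.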


