[TOOL] SWATCH, Simple Log Watcher

From: support@securiteam.com
Date: 09/12/01


From: support@securiteam.com
To: list@securiteam.com
Subject: [TOOL] SWATCH, Simple Log Watcher
Message-Id: <20010912203807.F180B138C0@mail.der-keiler.de>
Date: Wed, 12 Sep 2001 22:38:07 +0200 (CEST)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com

  SWATCH, Simple Log Watcher
------------------------------------------------------------------------

DETAILS

Swatch (http://oit.ucsb.edu/~eta/swatch), the Simple Watch Daemon, is a
program for UNIX system logging, originally written to actively monitor
messages as they are written to a log file via the UNIX syslog utility.
Swatch was designed to keep system administrators from being overwhelmed
by large quantities of log data. It monitors log files, filters out
unwanted data, and takes one or more simple user-specified actions based
upon patterns in the log. Swatch can monitor information as it is being
appended to the log file and alert system administrators immediately to
serious system problems as they occur.

ADDITIONAL INFORMATION

The tool can be downloaded from:
http://oit.ucsb.edu/~eta/swatch/

The information has been provided by Todd Atkins
<mailto:todd.atkins@stanfordalumni.org>.
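
The filter-then-act idea described under DETAILS, as an added example (this is not Swatch's code or its configuration syntax, and it is not part of the original bulletin). The rule list, the first-match-wins ordering, the throttle window and the log lines are all assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

# Ordered rules; the first regex that matches decides (assumption of this sketch).
# "ignore" drops the line, "alert" reports it; the third field suppresses
# repeat alerts from the same rule inside that time window.
RULES = [
    ("ignore", re.compile(r"CRON\[\d+\]"), None),
    ("alert", re.compile(r"Failed password for (invalid user )?\S+ from \S+"), timedelta(seconds=30)),
    ("alert", re.compile(r"kernel: .*(panic|Out of memory)", re.I), None),
]

# Constructed syslog lines (hosts are hypothetical, addresses are RFC 5737 ranges).
SAMPLE_LOG = """\
Sep 12 22:38:01 host1 CRON[4211]: (root) CMD (run-parts /etc/cron.hourly)
Sep 12 22:38:07 host1 sshd[4302]: Failed password for root from 192.0.2.10 port 4022 ssh2
Sep 12 22:38:09 host1 sshd[4302]: Failed password for root from 192.0.2.10 port 4022 ssh2
Sep 12 22:38:20 host1 sshd[4310]: Accepted password for alice from 198.51.100.7 port 1201 ssh2
Sep 12 22:38:41 host1 sshd[4333]: Failed password for invalid user admin from 192.0.2.10 port 4031 ssh2
Sep 12 22:39:02 host1 kernel: Out of memory: Killed process 977 (httpd)
""".splitlines()

def timestamp(line):
    """Parse the leading syslog timestamp; the year is assumed, syslog omits it."""
    return datetime.strptime("2001 " + line[:15], "%Y %b %d %H:%M:%S")

def watch(lines, rules=RULES):
    """Yield (rule_index, line) for every line that should raise an alert."""
    last_alert = {}  # rule index -> time of the last alert that was let through
    for line in lines:
        for idx, (action, regex, throttle) in enumerate(rules):
            if not regex.search(line):
                continue
            if action == "alert":
                now = timestamp(line)
                seen = last_alert.get(idx)
                if throttle is None or seen is None or now - seen >= throttle:
                    last_alert[idx] = now
                    yield idx, line
            break  # first matching rule decides; lines matching nothing are dropped

def alerts(lines=SAMPLE_LOG):
    """Run the rules over a batch of lines and collect the alerts."""
    return list(watch(lines))

if __name__ == "__main__":
    for idx, line in alerts():
        print(f"ALERT rule#{idx}: {line}")
```

Because watch() consumes any iterable, the same function works on a generator that yields lines as they are appended to a file.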
