Re: swatch alternatives?

[Andreas Östling <andreaso () it su se>]

> On Wed, 23 Apr 2003, Chris wrote:

> > What other alternatives is there that will do this?  I tried to find
> > logwatch but it points to a cisco error page.

I wrote a simple swatch replacement a few months ago that I needed for a 
project (SEC didn't quite suit me either).

It can do some things that I really needed, such as signing and encrypting 
outgoing mail using GnuPG, reload config on SIGHUP without losing current 
queued events, users can have their own include files with patterns/options, 
you can define variables and later use them in patterns, and when trottling, 
all following matches (with an upper limit) will automatically be included in 
the mail, and you can specify patterns that will make some possible queued 
events to be cleared etc...

As usual, it's just a quick hack that I may never touch again...
It requires several perl modules and does not contain any documentation (just 
a couple of example configs). I don't really remember how bad/well it works.
See http://devel.it.su.se/cgi-bin/local/cvsweb.cgi/lc/ if you're interested 
anyway. 

/Andreas



-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
Welcome to geek heaven.
http://thinkgeek.com/sf
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users