I've been reading the 3.3 docs on invalidating a userid (temporarily
or permanently) after a predefined number of invalid attempts. To me
however, the most important thing is not configuring this, but being
notified when a "cracking" attempt is underway. (Adminstrative
vigilance is always necessary).
I've read the docs several times and am wondering how I might send a alert
in this situation. Right now, it looks like I have to run something to
periodically browse the logs. Obviously, I'd prefer a trap.
