I have started looking at 'swatch'. It seems to be a reasonable package. I like it trigger configuration file layout, simple, straight-forward.
The syslog package we are running on the systems in question is sysklog. The systems are actually Oracle Enterprise Linux (which is a rebranding of RedHat) on x86_64 platforms. The reason I asked here is being a mainframer I did not know a better place to ask such a question. /Tom Kern Bruce Furber wrote: > Webmin. Has log scanning > > > "Patrick Spinler" <[email protected]> wrote: > > > You may find 'swatch' useful for this: > > http://sourceforge.net/projects/swatch/ > > Here's a recipe for hooking up a central syslog-ng that also feeds swatch: > > http://www.campin.net/newlogcheck.html#swatch > > -- Pat > > Kern, Thomas wrote: >>>> Given a series of linux servers sending their filtered syslog messages to >>>> a central server, is there some facility in linux syslog (or an add-on) >>>> that can parse the incoming messages and based on message content trigger >>>> some linux action routine? Action routines might send email to some >>>> support staff, invoke some other program (data collection/archive) or >>>> issue a command to another server via a properly authorized path. >>>> >>>> /Thomas Kern >>>> /301-903-2211 (Office) >>>> /301-905-6427 (Mobile) >>>> >>>> >>>> ---------------------------------------------------------------------- >>>> For LINUX-390 subscribe / signoff / archive access instructions, >>>> send email to [email protected] with the message: INFO LINUX-390 or >>>> visit >>>> http://www.marist.edu/htbin/wlvindex?LINUX-390 >> ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 > -- > Sent from my Android phone with K-9. Please excuse my brevity. ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390
