It should be possible. Try adding <check_diff /> to the rule. More info: http://dcid.me/2010/03/alerting-when-a-log-or-output-of-a-command-changes/
On Fri, Apr 22, 2011 at 4:28 PM, satish patel <[email protected]> wrote: > Thanks dan, > > Is it possible i get diff output of my iptables command? Currently its > dumping full output. it would be good if we have only diff output. > > -S > > > On Fri, Apr 22, 2011 at 4:11 PM, dan (ddp) <[email protected]> wrote: >> There is no setting to do what you want. You'll have to dig into the source. >> >> On Fri, Apr 22, 2011 at 3:46 PM, satish patel <[email protected]> wrote: >>> Hey Guys! >>> >>> I am monitoring iptable output and doing check_diff to compare and >>> alert but somehow i am getting half output of "iptables -L -n" I knew >>> there is a limit of email alert output. >>> >>> can we increase limit ? >>> >>> -S >>> >> >
