Re: Log file IDS package?

To: Andrew Pollock <apollock@debian.org>
Cc: debian-security@lists.debian.org
Subject: Re: Log file IDS package?
From: lupe@lupe-christoph.de (Lupe Christoph)
Date: Wed, 12 Jan 2005 07:57:55 +0100
Message-id: <[🔎] 20050112065755.GA10123@lupe-christoph.de>
Mail-followup-to: Andrew Pollock <apollock@debian.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] 20050112055740.GA31398@daedalus.andrew.net.au>
References: <[🔎] 20050112055740.GA31398@daedalus.andrew.net.au>

On Wednesday, 2005-01-12 at 16:57:41 +1100, Andrew Pollock wrote:

> Is there software in Debian that will do something along the lines of a tail
> -f of a given logfile, looking for supplied regexs and do custom actions on
> matches?

I'm using swatch. But swatch can only limit the number of actions
performed on a match, not perform an action if a count is exceeded. That
would need to be done in the script called when a match is found.

HTH,
Lupe Christoph
-- 
| lupe@lupe-christoph.de       |           http://www.lupe-christoph.de/ |
| Ask not what your computer can do for you                              |
| ask what you can do for your computer.                                 |

Reply to:

References:
- Log file IDS package?
  - From: Andrew Pollock <apollock@debian.org>

Prev by Date: Log file IDS package?
Next by Date: Re: [SECURITY] [DSA 635-1] New exim packages fix arbitrary code execution
Previous by thread: Log file IDS package?
Next by thread: Re: Log file IDS package?
Index(es):
- Date
- Thread