"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "README" between
swatch-3.2.3.tar.gz and swatchdog-3.2.4.tar.gz

About: Swatchdog (Simple WATCHdog) activly monitors log files produced by UNIX’s syslog facility (former name "Swatch").

README  (swatch-3.2.3):README  (swatchdog-3.2.4)
Thank you for your interest in swatch: the Simple WATCHdog. Thank you for your interest in swatchdog: the Simple WATCHdog.
Swatch is a SourceForge project whose project page is at Swatchdog is a SourceForge project whose project page is at
http://sourceforge.net/projects/swatch and homepage is at http://sourceforge.net/projects/swatchdog and homepage is at
http://swatch.sourceforge.net http://swatchdog.sourceforge.net
Swatch was originally written to actively monitor messages as Swatchdog was originally written to actively monitor messages as
they are written to a log file via the UNIX syslog utility. For they are written to a log file via the UNIX syslog utility. For
a simple demonstration type "perl swatch --examine=FILENAME" with a simple demonstration type "perl swatchdog --examine=FILENAME" with
FILENAME being the file that you would like to see the contents of. FILENAME being the file that you would like to see the contents of.
All this example will do is demonstrate the different text modes All this example will do is demonstrate the different text modes
that are available with to the echo action. that are available with to the echo action.
Read the INSTALL file for installation instructions. Read the INSTALL file for installation instructions.
IF YOU ENCOUNTER A BUG... IF YOU ENCOUNTER A BUG...
Please send mail to todd.atkins@stanfordalumni.org about it, but first make Please send mail to todd.atkins@stanfordalumni.org about it, but first make
sure that it is not mentioned in the KNOWN_BUGS file and that you are sure that it is not mentioned in the KNOWN_BUGS file and that you are
using the latest release. using the latest release.
MAJOR CHANGES IN VERSION 3.1 MAJOR CHANGES IN VERSION 3.1
Added --extra-include-dirs (or -I) and --extra-modules (or -M) command Added --extra-include-dirs (or -I) and --extra-modules (or -M) command
line options. This allows one to extend the functionality of swatch by line options. This allows one to extend the functionality of swatchdog by
defining customized actions. See the modules in the "examples" directory defining customized actions. See the modules in the "examples" directory
to see how this feature can be used. to see how this feature can be used.
Changed "-I" command option from being shorthand for Changed "-I" command option from being shorthand for
"--input-record-separator" to being short for "--extra-include-dirs" "--input-record-separator" to being short for "--extra-include-dirs"
in order to be more consistent with perl's command line arguments. in order to be more consistent with perl's command line arguments.
Added --tail-program-name and --tail-args command line options. This Added --tail-program-name and --tail-args command line options. This
allows one to use more robust tail commands like GNU tail. Here is allows one to use more robust tail commands like GNU tail. Here is
how I use it to watch multiple files and not have to worry when they how I use it to watch multiple files and not have to worry when they
get rotated: get rotated:
% swatch --tail-prog=/usr/local/bin/gtail \ % swatchdog --tail-prog=/usr/local/bin/gtail \
--tail-args '--follow=name --lines=1' \ --tail-args '--follow=name --lines=1' \
--tail-file="/var/log/messages /var/log/snort/alert" --tail-file="/var/log/messages /var/log/snort/alert"
Added possibility for user to overide "message" option to any action. Added possibility for user to overide "message" option to any action.
Changed default tail arguments from "-1 -f" to "-n 0 -f" Changed default tail arguments from "-1 -f" to "-n 0 -f"
Put action and throttle code into modules named Swatch::Actions and Put action and throttle code into modules named Swatchdog::Actions and
Swatch::Throttle respectively. Swatchdog::Throttle respectively.
Added --awk-field-syntax and --noawk-field-syntax command line options Added --awk-field-syntax and --noawk-field-syntax command line options
with --noawk-field-syntax now set as the default with --noawk-field-syntax now set as the default
Added option for user to use their own regular expression to extract a Added option for user to use their own regular expression to extract a
throttle key from a message using greedy pattern matching. throttle key from a message using greedy pattern matching.
Went back to using the system's tail(1) command for tailing files due Went back to using the system's tail(1) command for tailing files due
to all of the problems that folks were experiencing with the File::Tail to all of the problems that folks were experiencing with the File::Tail
CPAN module. CPAN module.
skipping to change at line 113 skipping to change at line 113
document. document.
FUTURE DIRECTIONS FUTURE DIRECTIONS
I am working on a thresholding module that will behave in a manner that is I am working on a thresholding module that will behave in a manner that is
similar to thresholding in the Snort IDS (www.snort.org). This should similar to thresholding in the Snort IDS (www.snort.org). This should
eventually replace the current throttling mechanism. eventually replace the current throttling mechanism.
SUGGESTIONS? SUGGESTIONS?
Please mail suggestions, problems, and/or complaints about swatch Please mail suggestions, problems, and/or complaints about swatchdog
to Todd.Atkins@StanfordAlumni.ORG to Todd.Atkins@StanfordAlumni.ORG
DONATIONS? DONATIONS?
The swatch program is provided to you free of charge. However, if you find The swatchdog program is provided to you free of charge. However, if you find
it useful I encourage you to send in a donation toward its continuous it useful I encourage you to send in a donation toward its continuous
development. Please send donations online via PayPal (www.paypal.com) using development. Please send donations online via PayPal (www.paypal.com) using
my todd.atkins@stanfordalumni.org address my todd.atkins@stanfordalumni.org address
Thank you. Thank you.
 End of changes. 9 change blocks. 
12 lines changed or deleted 12 lines changed or added

Home  |  About  |  All  |  Newest  |  Fossies Dox  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTPS