[prev in list] [next in list] [prev in thread] [next in thread]
List: swatch-users
Subject: Swatch-users Digest, Vol 22, Issue 1
From: swatch-users-request () ucsb ! edu
Date: 2004-03-15 20:00:29
Message-ID: E1B2yGD-0008kc-8Z () ucsb ! edu
[Download RAW message or body]
Send Swatch-users mailing list submissions to
swatch-users@ucsb.edu
To subscribe or unsubscribe via the World Wide Web, visit
http://ucsb.edu/mailman/listinfo/swatch-users
or, via email, send a message with subject or body 'help' to
swatch-users-request@ucsb.edu
You can reach the person managing the list at
swatch-users-owner@ucsb.edu
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Swatch-users digest..."
Today's Topics:
1. Swatch 3.0.8 on FreeBSD 4.8-RELEASE (Jesse Guardiani)
2. RE: Swatch 3.0.8 on FreeBSD 4.8-RELEASE (Millard, Matt)
3. RE: Swatch 3.0.8 on FreeBSD 4.8-RELEASE
(daniel.j.botz@Cummins.com)
4. Re: Swatch 3.0.8 on FreeBSD 4.8-RELEASE (Jesse Guardiani)
----------------------------------------------------------------------
Message: 1
Date: Mon, 15 Mar 2004 12:27:31 -0500
From: Jesse Guardiani <jesse@wingnet.net>
Subject: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE
To: swatch-users@ucsb.edu
Message-ID: <200403151227.31257.jesse@wingnet.net>
Content-Type: text/plain; charset="us-ascii"
Howdy list,
<gripe />
Seems like every time I upgrade swatch it stops working for one
reason or another. Has anyone considered rewriting swatch in C
or python so we can get some sanity here?
<gripe />
Anyway, here's my swatch version:
This is swatch version 3.0.8
Built on 4 April 2003
Built by E. Todd Atkins <Todd.Atkins@StanfordAlumni.ORG>
Here's my perl version:
This is perl, v5.6.1 built for i386-freebsd
And here's my OS version:
FreeBSD chortos.wingnet.net 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Fri Apr 11 12:59:08 \
EDT 2003 jesse@chortos.wingnet.net:/usr/src/sys/compile/CHORTOS i386
Basically, the problem seems to be that log rotations will cause
swatch to stop watching the log file properly. I've tried setting the
restart option to 5 minutes after my log rotations, but it hasn't
helped.
Here's my swatch startup command:
/usr/local/bin/swatch --tail=/var/log/qmail-scanner.log \
--config-file=/usr/local/etc/swatch/swatchrc --restart-time=00:05am --daemon
And here's my swatchrc file:
--------------------------------------------------
watchfor /CLAMUKO:.*:RC:1/
exec "/bin/echo '$0' | /usr/bin/mail -s 'CUSTOMER VIRUS ALERT (chortos)' \
virusalert@wingnet.net" throttle 00:00:01
watchfor /Perlscan:.*:RC:1/
exec "/bin/echo '$0' | /usr/bin/mail -s 'CUSTOMER ATTACHMENT ALERT (chortos)' \
virusalert@wingnet.net" throttle 00:00:01
--------------------------------------------------
Any ideas?
--
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)
http://www.wingnet.net
------------------------------
Message: 2
Date: Mon, 15 Mar 2004 11:54:35 -0600
From: "Millard, Matt" <Millard.Matt@principal.com>
Subject: RE: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE
To: <swatch-users@ucsb.edu>
Message-ID:
<6201DF063335254BA0D6AA7053D101170A629AB4@pfgdsmmbx006.principalusa.corp.principal.com>
Content-Type: text/plain; charset="iso-8859-1"
This way is working for me in 3.0.4.
/usr/bin/swatch --config-file=/usr/local/etc/.swatchrc_alerts \
--read-pipe="/usr/bin/tail --follow=name /var/log/messages"
Matt
> -----Original Message-----
> From: swatch-users-bounces@ucsb.edu
> [mailto:swatch-users-bounces@ucsb.edu]On Behalf Of Jesse Guardiani
> Sent: Monday, March 15, 2004 11:28 AM
> To: swatch-users@ucsb.edu
> Subject: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE
>
>
> Howdy list,
>
> <gripe />
> Seems like every time I upgrade swatch it stops working for one
> reason or another. Has anyone considered rewriting swatch in C
> or python so we can get some sanity here?
> <gripe />
>
> Anyway, here's my swatch version:
>
> This is swatch version 3.0.8
> Built on 4 April 2003
> Built by E. Todd Atkins <Todd.Atkins@StanfordAlumni.ORG>
>
> Here's my perl version:
>
> This is perl, v5.6.1 built for i386-freebsd
>
> And here's my OS version:
>
> FreeBSD chortos.wingnet.net 4.8-RELEASE FreeBSD 4.8-RELEASE
> #0: Fri Apr 11 12:59:08 EDT 2003
> jesse@chortos.wingnet.net:/usr/src/sys/compile/CHORTOS i386
>
> Basically, the problem seems to be that log rotations will cause
> swatch to stop watching the log file properly. I've tried setting the
> restart option to 5 minutes after my log rotations, but it hasn't
> helped.
>
> Here's my swatch startup command:
>
> /usr/local/bin/swatch --tail=/var/log/qmail-scanner.log
> --config-file=/usr/local/etc/swatch/swatchrc
> --restart-time=00:05am --daemon
>
> And here's my swatchrc file:
>
> --------------------------------------------------
> watchfor /CLAMUKO:.*:RC:1/
> exec "/bin/echo '$0' | /usr/bin/mail -s 'CUSTOMER VIRUS
> ALERT (chortos)' virusalert@wingnet.net"
> throttle 00:00:01
>
> watchfor /Perlscan:.*:RC:1/
> exec "/bin/echo '$0' | /usr/bin/mail -s 'CUSTOMER
> ATTACHMENT ALERT (chortos)' virusalert@wingnet.net"
> throttle 00:00:01
> --------------------------------------------------
>
> Any ideas?
> --
> Jesse Guardiani, Systems Administrator
> WingNET Internet Services,
> P.O. Box 2605 // Cleveland, TN 37320-2605
> 423-559-LINK (v) 423-559-5145 (f)
> http://www.wingnet.net
>
>
>
> _______________________________________________
> Swatch-users mailing list
> Swatch-users@ucsb.edu
> http://ucsb.edu/mailman/listinfo/swatch-users
>
------------------------------
Message: 3
Date: Mon, 15 Mar 2004 12:56:35 -0600
From: daniel.j.botz@Cummins.com
Subject: RE: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE
To: swatch-users@ucsb.edu
Message-ID:
<OF49E143EC.29E8EDE6-ON86256E58.0067C8D0-86256E58.00680EBA@cidc.cummins.com>
Content-Type: text/plain; charset=us-ascii
"kill -HUP <swatch-pid>" after the logs are rotated.
----- Forwarded by Daniel J Botz/PGG/Cummins on 03/15/2004 12:53 -----
> ---------+----------------------------->
> > "Millard, Matt" |
> > <Millard.Matt@prin|
> > cipal.com> |
> > Sent by: |
> > swatch-users-bounc|
> > es@ucsb.edu |
> > >
> > >
> > 03/15/2004 11:54 |
> > >
> ---------+----------------------------->
>------------------------------------------------------------------------------------------------------------------------------|
| \
| | To: swatch-users@ucsb.edu \
| | cc: \
| | Subject: RE: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE \
| >------------------------------------------------------------------------------------------------------------------------------|
This way is working for me in 3.0.4.
/usr/bin/swatch --config-file=/usr/local/etc/.swatchrc_alerts \
--read-pipe="/usr/bin/tail --follow=name /var/log/messages"
Matt
> -----Original Message-----
> From: swatch-users-bounces@ucsb.edu
> [mailto:swatch-users-bounces@ucsb.edu]On Behalf Of Jesse Guardiani
> Sent: Monday, March 15, 2004 11:28 AM
> To: swatch-users@ucsb.edu
> Subject: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE
>
>
> Howdy list,
>
> <gripe />
> Seems like every time I upgrade swatch it stops working for one
> reason or another. Has anyone considered rewriting swatch in C
> or python so we can get some sanity here?
> <gripe />
>
> Anyway, here's my swatch version:
>
> This is swatch version 3.0.8
> Built on 4 April 2003
> Built by E. Todd Atkins <Todd.Atkins@StanfordAlumni.ORG>
>
> Here's my perl version:
>
> This is perl, v5.6.1 built for i386-freebsd
>
> And here's my OS version:
>
> FreeBSD chortos.wingnet.net 4.8-RELEASE FreeBSD 4.8-RELEASE
> #0: Fri Apr 11 12:59:08 EDT 2003
> jesse@chortos.wingnet.net:/usr/src/sys/compile/CHORTOS i386
>
> Basically, the problem seems to be that log rotations will cause
> swatch to stop watching the log file properly. I've tried setting the
> restart option to 5 minutes after my log rotations, but it hasn't
> helped.
>
> Here's my swatch startup command:
>
> /usr/local/bin/swatch --tail=/var/log/qmail-scanner.log
> --config-file=/usr/local/etc/swatch/swatchrc
> --restart-time=00:05am --daemon
>
> And here's my swatchrc file:
>
> --------------------------------------------------
> watchfor /CLAMUKO:.*:RC:1/
> exec "/bin/echo '$0' | /usr/bin/mail -s 'CUSTOMER VIRUS
> ALERT (chortos)' virusalert@wingnet.net"
> throttle 00:00:01
>
> watchfor /Perlscan:.*:RC:1/
> exec "/bin/echo '$0' | /usr/bin/mail -s 'CUSTOMER
> ATTACHMENT ALERT (chortos)' virusalert@wingnet.net"
> throttle 00:00:01
> --------------------------------------------------
>
> Any ideas?
> --
> Jesse Guardiani, Systems Administrator
> WingNET Internet Services,
> P.O. Box 2605 // Cleveland, TN 37320-2605
> 423-559-LINK (v) 423-559-5145 (f)
> http://www.wingnet.net
>
>
>
> _______________________________________________
> Swatch-users mailing list
> Swatch-users@ucsb.edu
> http://ucsb.edu/mailman/listinfo/swatch-users
>
_______________________________________________
Swatch-users mailing list
Swatch-users@ucsb.edu
http://ucsb.edu/mailman/listinfo/swatch-users
_____________
This e-mail transmission and any attachments to it are intended solely for
the use of the individual or entity to whom it is addressed and may contain
confidential and privileged information. If you are not the intended
recipient, your use, forwarding, printing, storing, disseminating,
distribution, or copying of this communication is prohibited. If you
received this communication in error, please notify the sender immediately
by replying to this message and delete it from your computer.
------------------------------
Message: 4
Date: Mon, 15 Mar 2004 14:42:38 -0500
From: Jesse Guardiani <jesse@wingnet.net>
Subject: Re: [Swatch-users] Swatch 3.0.8 on FreeBSD 4.8-RELEASE
To: swatch-users@ucsb.edu
Message-ID: <200403151442.38215.jesse@wingnet.net>
Content-Type: text/plain; charset="iso-8859-1"
On Monday 15 March 2004 13:56, daniel.j.botz@Cummins.com wrote:
> "kill -HUP <swatch-pid>" after the logs are rotated.
Didn't help. I tried that before I sent the original email to this list. I think \
something is messed up with the perl tail module on FreeBSD or something. I've tried \
Matt Millard's recommendation for using the native tail command via the pipe \
interface. I'll let the list know if that solves it for me tommorrow.
Thanks!
--
Jesse Guardiani, Systems Administrator
WingNET Internet Services,
P.O. Box 2605 // Cleveland, TN 37320-2605
423-559-LINK (v) 423-559-5145 (f)
http://www.wingnet.net
------------------------------
_______________________________________________
Swatch-users mailing list
Swatch-users@ucsb.edu
http://ucsb.edu/mailman/listinfo/swatch-users
End of Swatch-users Digest, Vol 22, Issue 1
*******************************************
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic