http://sourceforge.net/projects/swatch/
With swatch you can easily monitor (growing) log files
in real time and create email alerts based on log file content.
E.g. with a config file like this:
watchfor /Priority\: ([12])/
echo=normal
mail=alerts@your.domain,subject=[SNORT] Priority $1 Alert
and a swatch command like this:
swatch --daemon -c /var/ipfire/snort/swatchrc --input-record-separator='\n\n' -t /var/log/snort/alert
you can set up email alerts for SNORT alerts.
This still needs an active MTA (e.g. dma or postfix).
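
Added example, not part of the original commit message or of swatch itself: a Python approximation of the record splitting and matching above, run over a constructed sample in Snort's multi-line alert layout. It assumes swatch mails the matched record as the message body, and shows why the command sets --input-record-separator='\n\n': with line-by-line records the mail would carry only the Classification/Priority line.

```python
import re

# Constructed sample: each alert is a block of lines, blocks are separated
# by one blank line. Rule names, SIDs and addresses are made up.
SAMPLE_ALERTS = """\
[**] [1:1000001:1] Constructed test rule A [**]
[Classification: Attempted Administrator Privilege Gain] [Priority: 1]
01/01-12:00:00.000000 192.0.2.10:40000 -> 198.51.100.5:22
TCP TTL:64 TOS:0x0 ID:1 IpLen:20 DgmLen:60

[**] [1:1000002:1] Constructed test rule B [**]
[Classification: Misc activity] [Priority: 3]
01/01-12:00:01.000000 192.0.2.11 -> 198.51.100.5
ICMP TTL:64 TOS:0x0 ID:2 IpLen:20 DgmLen:84

[**] [1:1000003:1] Constructed test rule C [**]
[Classification: Potentially Bad Traffic] [Priority: 2]
01/01-12:00:02.000000 192.0.2.12:40001 -> 198.51.100.5:80
TCP TTL:64 TOS:0x0 ID:3 IpLen:20 DgmLen:60
"""

# Same intent as the watchfor line: capture priority 1 or 2 as $1.
WATCHFOR = re.compile(r"Priority: ([12])")
SUBJECT = "[SNORT] Priority {0} Alert"


def split_records(text, separator):
    """Split the log into records the way a record separator would."""
    return [rec.strip() for rec in text.split(separator) if rec.strip()]


def alerts_to_mail(text, separator="\n\n"):
    """Return (subject, body) for every record the pattern matches."""
    mails = []
    for record in split_records(text, separator):
        match = WATCHFOR.search(record)
        if match:
            mails.append((SUBJECT.format(match.group(1)), record))
    return mails


if __name__ == "__main__":
    for label, sep in (("paragraph records", "\n\n"), ("line records", "\n")):
        print("==", label)
        for subject, body in alerts_to_mail(SAMPLE_ALERTS, sep):
            print(subject)
            print(body)
            print()
```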
Some users have reported problems with the Realtek vendor modules.
- problems with link detection with r8101.
- problems with igmpproxy with r8169.
So we switch to the original kernel module. (Vendor drivers are used for
Xen because r8169 crashes here.)
Very useful for analyzing multicast traffic directly on the router/firewall
without the need for large software like vlc or the like.
http://www.videolan.org/projects/multicat.html
Simple and efficient multicast and transport stream manipulation
The multicat package contains a set of tools designed to easily and
efficiently manipulate multicast streams in general, and MPEG-2
Transport Streams (ISO/IEC 13818-1) in particular.
The multicat suite of applications is very lightweight and designed
to operate in tight environments. Memory and CPU usages are kept to
a minimum, and they feature only one thread of execution.
multicat needs bitstream as a build dependency
http://www.videolan.org/developers/bitstream.html
Apparently the last core update did not include the new
verify script (although it was in the filelist).
So we ship it again with this update, so that all updated
machines will have the right file. New installations are
good.