Log Monitoring with Swatch
Swatch is a Perl-based log monitoring tool that can match regular expressions and perform automated actions. The tool is useful for monitoring system log files in real time with an option to run external commands or to notify the admins in response to particular messages found in the logs.
Example configuration file: /etc/swatch.conf
exec “/var/adm/bin/pager.sh 800-555-1234”
Scan a file and report any matches:
swatch –config-file=/etc/swatch.conf –examine=/var/log/messages
Continuously monitor a log file:
swatch –config-file=/etc/swatch.conf –tail=/var/log/messages