EPEL-Repository hinzugefügt
# rpm -ivh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
Farbfeldinstallation
# yum install swatch --enablerepo=epel
Wenn die Zeichenfolge "action =" auth-logon "" in der Protokolldatei erkannt wird
# vi swatch_fwlog.conf
watchfor /action=\"auth-logon\"/
echo
[email protected],subject="[sslvpn] logon success"
# /usr/bin/perl /bin/swatch -c /root/swatch_fwlog.conf -t /var/log/fwlog &
#Prozessnummer töten
# vi /lib/systemd/system/swatch_fwlog.service
[Unit]
Description=swatch for firewall log
After=syslog.target network.target postfix.service
[Service]
ExecStart=/usr/bin/swatch -c /root/swatch_fwlog.conf -t /var/log/fwlog --pid-file /var/run/swatch_fwlog.pid --daemon > /dev/null 2>&1
Type=forking
PIDFile=/var/run/swatch_fwlog.pid
[Install]
WantedBy=multi-user.target
# systemctl daemon-reload
# systemctl enable swatch_fwlog
# systemctl start swatch_fwlog
# systemctl status swatch_fwlog
# systemctl stop swatch_fwlog
Recommended Posts