Swatch
Platforms: BSDI, Linux, Solaris, UNIX
Categories: Host, Intrusion Detection
Version: v3.0.4
URL: http://www.stanford.edu/~atkins/swatch/
Swatch was originally written to actively monitor messages as they were written to a log file via the UNIX syslog utility. It has multiple methods of alarming, both visually and by triggering events. It is a perfect tool for a master loghost. It is known to work flawlessly on Linux (RH5), BSDI, and Solaris 2.6 (patched).