-- Learning scripts/module
-- $self->{LOG} goes to module log.pm
-- require "structured" replacement for debug messages and
other STDOUT warning print statements
-- code can always be improved...
Can we monitor all activity, not just poll it?
-- write a sig-list-file generator script (e.g., watches for 24 hours and
then writes a file which can be hand-modified afterwards);
-- improve sigs: e.g., look at cwd or .so files used, or...
-- write a sig-list-file generator script (e.g., watches for 24 hours and
then writes a file which can be hand-modified afterwards);
-- move sig list to a file;
-- write a sig-list-file generator script (e.g., watches for 24 hours and
then writes a file which can be hand-modified afterwards);
-- or: two files: one for std Solaris 7 (or other std OS),
one for local stuff, e.g., nqs, this latter generated
by the script;
-- should be able to compare any two sets of logs (check it can do
this and _document_ this --- its upto Scripts/taillog to get
the "second" set of log files by some means, e.g., this could
be scp from user machine to sylo machine (with cheesewire
running on sylo machine)
-- use inotify:
http://www-128.ibm.com/developerworks/linux/library/l-inotify.html
-- if a change occurs, check if its its from dpkg or rpm (or whatever),
if it is log and update sig, if not then usual warning
-- adaption: if new files appear in a configured directory should be
incorporated automatically;
-- addition to a file, no decrease, e.g. for wtmp and log files (how to
deal with log-rotate --- or write a dedicated log-watch util (log files
should never _decrease_ in size, only be manipulated by log-rotate);
---------------------------------------
DONE
-- add in directory listings : are there any new files in said directory?
-- different time scales :
-- important files each hour;
-- more files each night;
| ...previous | up (conts) | next... |