ExtremeNetworks Syslog Based Event Notification With Swatch

Swatch, perl-based log watcher, is a very handy tool indeed. It can continuously parse a log, and, based on the configured regular expressions, it can perform whatever tasks you see fit, like, sending an email or SMS notifying you of, say duplicate IPs in a subnet, or checksum errors on a MSM.

When I managed a lot of ExtremeNetworks switches and routers, I wrote a conf file for swatch to notify me of any problems as advertised by Extremeware 6.x OS in the syslog. Since those alerts were not defined as SNMP traps and I didn’t run Epicenter, swatch provided an early notification system of sorts. Some folks found it useful, so I made it available to the general public.

Extremeware 6.x is, well, very dated now, and the syslog error notifications have changed since significantly. I have not kept up with the alarm changes, yet occasionally folks still ask for it. So here it is for those late bloomers.

Again, the conf file is significantly outdated, and is no longer maintained.