<div>
 use &amp;&nbsp;to send it to the background 
/usr/sbin/swatch start &amp;&nbsp; 
 
 
You should add this entry to /etc/rc.local and have &nbsp;this start when the system boots.
</div>

<div>
Thanks for the reply, sir i did a mistake i,e after installing the source like make install &nbsp;executed the make realclean then thought of installing the swatch rpm hence did make clean nothing happened removed source directory of swatch swatch-3.2.3, &nbsp;even after removing also swatch source directory service is still running then decided again did untar of source, something has gone wrong 
even after killing the swatch service if execute the /usr/bin/swatch stop with the stop command still the swatch service starts. 
Sir, can you please guide me how to completely uninstall the swatch so that i will install freshly. 

</div>

<div>
When you reinstall, you will overwrite the installed items. 
you could try: make uninstall 

</div>

<div>
Sir, thanks for the reply , &nbsp;i tried but uninstall is not happening 
cd /opt/snort/swatch-3.2.3 
[root@authserver swatch-3.2.3]# make uninstall 
make: *** No rule to make target `uninstall'. &nbsp;Stop. 
[root@authserver swatch-3.2.3]# make clean 
make: *** No rule to make target `clean'. &nbsp;Stop. 
 
Please help how to completely uninstall or remove the swatch 

</div>

<div>
You have to look at the make install rule and then go manually and remove each entry. 
 
Another option is 
make DEST=/var/tmp install 
 
This will create the same file in /var/tmp i.e. ls /var/tmp will have the structure of the items, you would then go though those as a reference to those unfer /usr. 
 
Since you are planing on installing swatch anyway. &nbsp;It might be starting following a rule you added. 
is you look at ps -ef | grep swatch what is reflected as the PPID (parent process ID)? &nbsp;Find the parent process and see why it is starting swatch. 
</div>

<div>
Sir, thanks for the reply, i tried to kill all the swatch process and then removed the source dir of swatch-3.2.3 and the did untar the souce file while became swatch-3.2.3 after this did the following: 
cd swatch-3.2.3 
perl Makefile.PL 
Checking if your kit is complete... 
Looks good 
Writing Makefile for swatch 
[root@authserver swatch-3.2.3]# make 
cp lib/Swatch/Threshold.pm blib/lib/Swatch/Threshold.pm 
cp lib/Swatch/Throttle.pm blib/lib/Swatch/Throttle.pm 
cp lib/Swatch/Actions.pm blib/lib/Swatch/Actions.pm 
AutoSplitting blib/lib/Swatch/Actions.pm (blib/lib/auto/Swatch/Actions) 
cp swatch blib/script/swatch 
/usr/bin/perl -MExtUtils::MY -e 'MY-&gt;fixin(shift)' -- blib/script/swatch 
Manifying blib/man1/swatch.1 
Manifying blib/man3/Swatch::Threshold.3pm 
Manifying blib/man3/Swatch::Throttle.3pm 
Manifying blib/man3/Swatch::Actions.3pm 
[root@authserver swatch-3.2.3]# make test 
PERL_DL_NONLAZY=1 /usr/bin/perl &quot;-MExtUtils::Command::MM&quot; &quot;-e&quot; &quot;test_harness(0, 'blib/lib', 'blib/arch')&quot; t/*.t 
t/01cpan_modules....ok 
All tests successful. 
Files=1, Tests=1, &nbsp;0 wallclock secs ( 0.08 cusr + &nbsp;0.00 csys = &nbsp;0.08 CPU) 
[root@authserver swatch-3.2.3]# make install 
Appending installation info to /usr/lib64/perl5/5.8.8/x86_64-linux-thread-multi/perllocal.pod 
[root@authserver swatch-3.2.3]# make realclean 
rm -f \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; blib/script/swatch 
rm -f \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; *.a core \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; core.[0-9] blib/arch/auto/swatch/extralibs.all \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; core.[0-9][0-9] swatch.bso \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; pm_to_blib.ts core.[0-9][0-9][0-9][0-9] \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; swatch.x &nbsp;\ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; perl tmon.out \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; *.o pm_to_blib \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; blib/arch/auto/swatch/extralibs.ld blibdirs.ts \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; core.[0-9][0-9][0-9][0-9][0-9] *perl.core \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; core.*perl.*.? Makefile.aperl \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; perl swatch.def \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; core.[0-9][0-9][0-9] mon.out \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; libswatch.def perlmain.c \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; perl.exe so_locations \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; swatch.exp 
rm -rf \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; blib 
mv Makefile Makefile.old &gt;&nbsp;/dev/null 2&gt;&amp;1 
rm -f \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Makefile.old Makefile 
rm -rf \ 
&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; swatch-3.2.3 
 
---------------------------------------------------- 
Sir my doubt is after executing the command 
# make install &nbsp;what is the use of &nbsp;executing make realclean 
please suggest is it required to execute make realclean, thanks in advance. 
 
 

</div>

<div>
realclean removes all that you've done returning the source directory to what it was. &nbsp;usually one runs realclean,distclean before starting to compile to make sure that the source does not contain unexpected compiled object that inadvertently were included in the source. 
The realclean removes everything except the compiled program but it can not be reinstalled. 
Perhaps this is being done so you have the compiled item as a reference, do not see the point. 
 
make DESTDIR=location install will get the item installed in the same way it would 
location\usr\bin... 
In case you want to build a distributable package. &nbsp;such that you can then use the package manager to remove the application as well as to maintain a list of what applications you have installed. 
 

</div>

<div>
Thank you very very much, &nbsp; as i have executed the &quot;real clean&quot; after the &quot;make install&quot; as you say it removes everthing expept the compiled program by any chance does &quot;real clean&quot; uninstall or removes the installed application. please let me know should i again execute the make install. 
Thanks in advance.
</div>

<div>
<div class="content wysiwyg-content">
Dear Experts: 
 
Iam having rhel5.5 installed snort , now wants to setup swatch-3.2.3 hence downloaded and installed by the following: 
perl Makefile.PL 
make 
make test 
make install 
--------------------------------------- 
everything went well also iam able to start swatch service like the following: 
/usr/bin/swatch start 
 
*** swatch version 3.2.3 (pid:22710) started at Sun Nov 14 18:49:19 IST 2010 
 
---------------- 
 
but the problem is cursor is not getting released after executing the below command 
&nbsp;/usr/bin/swatch start 
 
should execute the ctrl c to release the cursor by doing this swatch stops. 
 
the program does not stop /usr/bin/swatch stop instead it starts. please help me how make this service start or stop successfully. 
 
Thanks in advance. 
 
 
 
 
 
 
 
 
 
 
 
 

</div>
</div>

Dear Experts:

Iam having rhel5.5 installed snort , now wants to setup swatch-3.2.3 hence downloaded and installed by the following:
perl Makefile.PL
make
make test
make install
---------------------------------------
everything went well also iam able to start swatch service like the following:
/usr/bin/swatch start

*** swatch version 3.2.3 (pid:22710) started at Sun Nov 14 18:49:19 IST 2010

----------------

but the problem is cursor is not getting released after executing the below command
 /usr/bin/swatch start

should execute the ctrl c to release the cursor by doing this swatch stops.

the program does not stop /usr/bin/swatch stop instead it starts. please help me how make this service start or stop successfully.

Thanks in advance.














swatch log monitor in linux

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

The Linux operating system, in all its flavors, has its own share of security flaws that allow intrusions, but there are various mechanisms by which these flaws can be removed, generally divided into two parts: authentication and access control. Authentication is responsible for ensuring that a user requesting access to the system is really the user with the account, while access control is responsible for controlling which resources each account has access to and what kind of access is permitted.

Linux Security

The variety of Linux distributions creates myriad issues relating to configuration and operations when computers are networked, not the least of which is the use of various network management applications, some of which are included with specific distributions, while others are standalone applications.