Nightly Filter Summary E-Mail
Scott and I talked about this earlier on IRC. Could be a package for 2.0, or worked in somehow.
A daemon of some sort could check filter logs every 5 minutes and collect summary data, then store it in an xml or serialized data file. At the end of a 24 hour period, this data could be used to generate a report on the filter activity for the day.
The report could look similar to the pie charts output by the filter log summary graphs, but those only work on whatever data is currently in the log.
It would need to keep track of the last log message it read to ensure that it isn't counting things more than once. If the entire log file wraps in under 5 minutes, it should log an error telling the admin to increase the log size (also feature that doesn't yet exist, but should be fairly easy to add.)
Updated by Jim Pingle about 12 years ago
And /etc/periodic/security/520.pfdenied on a full system