Kind of silly to state using an expect script or any other "script" for
that matter considering the assumption that, it seems he is not trusting
someone (as mentioned in another post), so I would take it that this
script would run from where?
Not only that, you would go through hell configuring encrypting the
password on an expect script for the script to decrypt, then send. Now,
not only that, but then what? How would you configure it to monitor
something say in real time? You would likely have to use the diff and grep
commands for parsing, and a whole bunch of other things to get it to just
monitor a change, not a guarantee you will find out who changed it without
some major scripting as opposed to using accounting ala TACACS+
spawn ssh email@example.com
expect "Password: "
Expect would be worthless in my opinion. Why reinvent the "kick their
asses to accounting mode" wheel.