Re: A tool like "logwatch" for a log server
Andy Davidson wrote:
On 14 Sep 2007, at 15:59, Felipe Augusto van de Wiel (faw) wrote:
Imagining that a lot of people here concentrate
their logs in a log server, I was wondering if there are
recommendation for a good log analyzer, something like
logwatch, or documented procedure to get logs from various
hosts checked and reported daily (maybe logcheck?).
We aggregate with syslog-ng and analyze with splunk -
Splunk isn't open source, but it's "the mutts".
Sort of related question: Does anybody (when aggregating logs to a
dedicated logging host) stop logging to the local disk, or do you still
do both local and remote logging?