Re: log analyze applications

To: Debian-Security List <debian-security@lists.debian.org>
Subject: Re: log analyze applications
From: Eric LeBlanc <inouk@toutatis.igt.net>
Date: Wed, 27 Feb 2002 10:56:02 -0500 (EST)
Message-id: <[🔎] Pine.LNX.3.96.1020227105132.1092A-100000@toutatis.igt.net>
In-reply-to: <[🔎] 1014823357.401.15.camel@eimbox>

On 27 Feb 2002, eim wrote:

> 	* logcheck	(System Log Analyzer)

[SNIP]
> network activity and so on... everything works quite well, the
> only problem is: they generate *REALLY* much mail traffic with
> lots of output which I can't read all.
> 
> So my question is, has anyone a good solution for checking
> syslogs, netlogs, etc. in order to have a simple and strict
> overview of system activities ?
> 
> Are there any tools which are smarter, faster and cleaner
> as my combination of log analyze apps. ?
> 

The most smarter you can find is you brain.  Logcheck is very useful and
does not send many e-mails if you know how to configure correctly.  

In other words, if you don't want to see some messages, so add theses
messages in appropriate ignore file...

Here, each week, in one log file, I have approxymately 800 000 lines, and
I use logchecker to search some words (and discard other words) to put in
report and e-mail it to me, and (it's luck or it's a good configuration?)
each e-mail which I had recieved are useful for me.

Eric

Reply to:

References:
- log analyze applications
  - From: eim <eim@eimbox.org>

Prev by Date: log analyze applications
Next by Date: Re: log analyze applications
Previous by thread: log analyze applications
Next by thread: Re: log analyze applications
Index(es):
- Date
- Thread