Hi Folks, Lets say u have one machine that is a log server for several others. Can anyone recommend a good script / tool / whatever to parse the logfile and extract relevant information out of it? I have tried several allready, but id like to hear opinions of ppl who allready used remote loggin for a while .. im pretty new to this. -- Mit freundlichen Grüßen Alexander Bien -- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet-ndh.com
Alexander Bien wrote:
Hi Folks,
Lets say u have one machine that is a log server for several others. Can anyone recommend a good script / tool / whatever to parse the logfile and extract relevant information out of it?
I have tried several allready, but id like to hear opinions of ppl who allready used remote loggin for a while .. im pretty new to this.
maybe syslog-ng is something for you? afaik you can use regex to log events to special files, maybe one per computer .. and for securityreasons you can use logcheck ... HTH -- Mit freundlichen Gruessen / best regards, Sven Michels Network Operating Center / Infrastructure */* Wichtig */* Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail ist nicht gestattet. */* Important */* This e-mail may contain confidential and/or privileged information. If you are not the intended recipient (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail. Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden. ----------------------------------------- intraDAT AG Wilhelm Leuschner Strasse 7 u. 9-11 60329 Frankfurt / Germany Tel: +49 69 256 29 - 0 Fax: +49 69 256 29 - 256 http://www.intradat.com --------------------
First, what have you tried? I have a couple that I use. Also, what do you
consider to be "relevant" information?
Geordon
----- Original Message -----
From: "Alexander Bien"
Hi Folks,
Lets say u have one machine that is a log server for several others. Can anyone recommend a good script / tool / whatever to parse the logfile and extract relevant information out of it?
I have tried several allready, but id like to hear opinions of ppl who allready used remote loggin for a while .. im pretty new to this.
--
Mit freundlichen Grüßen
Alexander Bien
-- PIRONET NDH Alexander Bien - Technical Assistant - SBU Services Josef-Lammerting-Allee 14-18, 50933 Cologne - Germany Tel.: +49 (0)172 7760569 - Fax: +49 (0)221 770 2815 mailto:abien@pironet.com - http://www.pironet-ndh.com
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com
Hi Geordon, I think you might give logcheck a try. I use this since quite a while without problems. Regards, Marko
* Alexander Bien wrote on Fri, Apr 27, 2001 at 12:18 +0200:
Lets say u have one machine that is a log server for several others. Can anyone recommend a good script / tool / whatever to parse the logfile and extract relevant information out of it?
I use may own tool, logmail, see http://sws.dett.de/. It's a filter lauched by cron. Just configure what you want and what not, that's it. logmail was first used on a loghost, you can configure different mail addresses in combination with logfiles and regular filter expressions. But maybe you have other wishes... oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (5)
-
Alexander Bien
-
Geordon VanTassle
-
Marko Kaening
-
Steffen Dettmer
-
Sven Michels