Hello. I have been using logdigest and scanlogd for a while in a SuSE 8.2, but it seems not to be avaliable for SuSE 9.0! Anybody knows about this? Regards. El Jueves, 11 de Marzo de 2004 17:54, Andreas Wagner escribió:
Hello Eric, hello list,
* Eric Kahklen wrote on Mar/11/2004:
I am looking for the easiest package that works well with SuSE to parse logs. I'd like to keep track of the typical logs as well as logs for Postfix and Squid. Can anyone recommend some good packages and possible "how tos" for setting it up? My eyes are getting rather tired of walking through each file manually.
Thanks,
Eric
I am using logdigest [1]
configuration files are as follows:
- /etc/logdigest/config: LOGFILES="/var/log/messages /var/log/mail /var/log/firewall" SYSADMIN=root EXTENDED_STATS=yes
- /etc/logdigest/alarming.local: alert:
- /etc/logdigest/ignore.local: Inspecting /boot/System.map-2\.4\.18-4GB Symbol version prefix Virus Scanner will process message spamd\[.*\]: identified spam
etc. Remember that these are regex's. this is the bit that needs some tuning. My ignore.local has some 3kb... I am not sure how well this will handle squid logs, but I am very satisfied with how it handles postfix, iptables, cron and other standard logs.
[1] http://www.suse.de/en/private/products/suse_linux/i386/packages_professional...
HTHH, Andreas
-- Science is everything we understand well enough to explain to a computer. Art is everything else. - David Knuth
-- My Public PGP Keys: 1024 Bit DH/DSS: 0x869F81BA 768 Bit RSA: 0x1AD97BA5
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
-- --------------------------------------------------------------------------------- Manuel Balderrábano e-mail: garibolo@wanadoo.es ---------------------------------------------------------------------------------