Mailinglist Archive: opensuse (2459 mails)

< Previous Next >
Re: [opensuse] Monitoring my Linux logs
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Wed, 12 Mar 2008 16:00:52 +0100
  • Message-id: <fr8r74$ucu$2@xxxxxxxxxxxxxxxx>
Dirk Moolman wrote:

We are in the process of building our own scripts to monitor all our
systems (operating systems, databases, network, etc.)

My question is around Linux. We want to monitor the main linux logs.
I would appreciate some tips & ideas on this.

Our first goal is to go through the Linux log (/var/log/messages), and
grep out problem areas / errors, but this can be tricky, eg. what do
you grep for ?

What is the industry standard - how do you guys & girls do this ?

Generally speaking, we've identified a number of messages that we
monitor and turn into events. We have syslog-ng pipe the logdata to a
named pipe, which we then listen on. Each message is filtered through
a list of regexes, at least one for each event we're looking for. The
event then has a custom action associated - some is just for collecting
stats, others are realtime for alerting etc.

As for specific monitoring of /var/log/messages - we don't do much of
that. We keep a close eye on /var/log/firewall although mostly for
statistics. We also keep a close eye on /var/log/mail as we process a
lot of email.

PS. we do not have the budget to buy tools, so I have to make do with
free software, and writing my own scripts.

I think you'll get quite far with that.



/Per Jessen, Z├╝rich

--
http://www.spamchek.com/ - your spam is our business.

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >
References