Hey, all -- I'm trying to find a program that can "watch" a log file, match incoming lines with configurable regexes, and as a result of these matches do things like send e-mail, etc. I've looked at logsurfer (http://logsurfer.sf.net/), which is contained in the SuSE 9.1 distro that I'm using on this machine, but have run into a problem. Specifically -- the log file that I want to analyze gets very, very large. On the order of 4 GB/day. And logsurfer simply refuses to open it once it grows beyond a certain point. I'm wondering whether anyone knows of either: - An alternative to logsurfer, with the same or very similar abilities; or - An alternative package to the one in SuSE 9.1, with support for larger files. The machine is a dual-athlon with about 400GB of disk; so it is an i686 machine (rather than 64-bit).
On Mon, Sep 12, 2005 at 05:16:47PM -0400, Marlier, Ian wrote:
Hey, all --
I'm trying to find a program that can "watch" a log file, match incoming lines with configurable regexes, and as a result of these matches do things like send e-mail, etc.
I've looked at logsurfer (http://logsurfer.sf.net/), which is contained in the SuSE 9.1 distro that I'm using on this machine, but have run into a problem.
Specifically -- the log file that I want to analyze gets very, very large. On the order of 4 GB/day. And logsurfer simply refuses to open it once it grows beyond a certain point.
I'm wondering whether anyone knows of either: - An alternative to logsurfer, with the same or very similar abilities; or - An alternative package to the one in SuSE 9.1, with support for larger files.
Take a look at splunk (http://www.splunk.com/) -Kastus
On Mon, 2005-09-12 at 17:16 -0400, Marlier, Ian wrote:
Hey, all --
I'm trying to find a program that can "watch" a log file, match incoming lines with configurable regexes, and as a result of these matches do things like send e-mail, etc.
I've looked at logsurfer (http://logsurfer.sf.net/), which is contained in the SuSE 9.1 distro that I'm using on this machine, but have run into a problem.
Specifically -- the log file that I want to analyze gets very, very large. On the order of 4 GB/day. And logsurfer simply refuses to open it once it grows beyond a certain point.
I'm wondering whether anyone knows of either: - An alternative to logsurfer, with the same or very similar abilities; or - An alternative package to the one in SuSE 9.1, with support for larger files.
The machine is a dual-athlon with about 400GB of disk; so it is an i686 machine (rather than 64-bit).
Check out http://logcheck.org/ . Brad Dameron SeaTab Software www.seatab.com
participants (3)
-
Brad Dameron -
Kastus -
Marlier, Ian