On Mon, Sep 12, 2005 at 05:16:47PM -0400, Marlier, Ian wrote:
Hey, all --
I'm trying to find a program that can "watch" a log file, match incoming lines with configurable regexes, and as a result of these matches do things like send e-mail, etc.
I've looked at logsurfer (http://logsurfer.sf.net/), which is contained in the SuSE 9.1 distro that I'm using on this machine, but have run into a problem.
Specifically -- the log file that I want to analyze gets very, very large. On the order of 4 GB/day. And logsurfer simply refuses to open it once it grows beyond a certain point.
I'm wondering whether anyone knows of either: - An alternative to logsurfer, with the same or very similar abilities; or - An alternative package to the one in SuSE 9.1, with support for larger files.
Take a look at splunk (http://www.splunk.com/) -Kastus