nanog mailing list archives

Re: log parsing tool?

From: Darren Bolding <darren () bolding org>
Date: Mon, 22 Feb 2010 14:34:25 -0800

SEC (Simplet Event Correlator) is a very effective tool for this, IMHO.  I
am by no means an expert with it, but I know several people who are, and
while it is not as well known as splunk or some other tools, I have been
very impressed by the results I've seen using it.

As with any event correlation tool, there is a significant level of invested
effort required to make use of this.

http://simple-evcorr.sourceforge.net/

Below is a presentation about SEC.

http://www.occam.com/sa/CentralizedLogging2009.pdf

On Mon, Feb 22, 2010 at 2:15 PM, fedora fedora <fedorafans () gmail com> wrote:

Greetings,

Anyone has good recommendations for an open-sourced log parsing and
analyzing application? It will be used to work with syslog-ng and other
general syslog and application logs.

I have been looking at swatch and logwatch, but would like to find out if
there are other good choices, thanks

FD




-- 
--  Darren Bolding                  --
--  darren () bolding org           --

Current thread:

log parsing tool? fedora fedora (Feb 22)
- Re: log parsing tool? Steven J. Hutchison (Feb 22)
- Re: log parsing tool? Darren Bolding (Feb 22)
- Re: log parsing tool? Jeff Rooney (Feb 22)
  - Re: log parsing tool? fedora fedora (Feb 22)
    - Re: log parsing tool? Dale W. Carder (Feb 22)
    - Re: log parsing tool? gordon b slater (Feb 22)
- Re: log parsing tool? Matthew Palmer (Feb 23)