nanog mailing list archives
Re: log parsing tool?
From: Darren Bolding <darren () bolding org>
Date: Mon, 22 Feb 2010 14:34:25 -0800
SEC (Simple Event Correlator) is a very effective tool for this, IMHO. I am by no means an expert with it, but I know several people who are, and while it is not as well known as Splunk or some other tools, I have been very impressed by the results I've seen using it.

As with any event correlation tool, there is a significant level of invested effort required to make use of this.

http://simple-evcorr.sourceforge.net/

Below is a presentation about SEC.

http://www.occam.com/sa/CentralizedLogging2009.pdf

On Mon, Feb 22, 2010 at 2:15 PM, fedora fedora <fedorafans () gmail com> wrote:

> Greetings,
>
> Does anyone have good recommendations for an open-sourced log parsing and analyzing application? It will be used to work with syslog-ng and other general syslog and application logs.
>
> I have been looking at swatch and logwatch, but would like to find out if there are other good choices.
>
> Thanks,
> FD

--
Darren Bolding
darren () bolding org