PaulDotCom mailing list archives
your log management tools of choice?
From: paul at pauldotcom.com (Paul Asadoorian)
Date: Fri, 05 Jun 2009 13:43:01 -0400
Great question Andrew! I guess let me start with some background. When I used to work for "the university" we did a lot with syslog. I used to syslog everything: firewalls (including packet logs!), systems, IDS, routers, and switches. I never had much budget to throw at some high-end systems to analyze the logs (nor did I particularly care for what was on the market at the time, which was a few years ago now).

So, I syslog'd everything to a Linux server and used command line tools (sed/awk/grep primarily) to find EOI (events of interest). It worked quite well (in fact, with cron I was able to pull more/better information out of my logs than most with commercial tools *at the time*).

So, that's where my crappy command line kung fu came from ;) In fact many of the commands I ran can be found on www.commandlinekungfu.com, except now Hal has corrected me and made the techniques simpler and faster. I also recommend the O'Reilly books "Sed and Awk" and the "Bash Shell".

<shameless-biased-plug>Tenable now makes products that do this, and I have to say as I work with them now I find myself saying, "Wow, I wish I had this when I used to work for 'the university'" :)</shameless-biased-plug>

Cheers,
Paul

Andrew Anderson wrote:
Just trying to wade through the choices... Looking for recommendations for syslog parsing and management tools. (post gathering).
--
Paul Asadoorian
PaulDotCom Enterprises
Web: http://pauldotcom.com
Phone: 401.829.9552