Greetings!
Leon Mols wrote:
> As the subject says, is anyone out there using Webtrends Firewall suite for FW
> log analysis?
> I downloaded a trial version and am pretty impressed with what I see, but if
> someone has more experience with it (both negative and positive) I would like to
> hear from them, before I start begging to my boss :-)
I only worked with the Webserver edition (WebTrends Log Analyzer). Some problems I
stumbled over:
* Limited range of "top" listings: some oprions only are available up to top 24,
no more.
* Memory hog, esp. for big logs (for 20GB logs you need 0.5-1 GB RAM).
This will be making analysis impossible for some log file sizes.
* Not too much speed. My self-programmed (plain C), hand-optimized log
analyzers only needed
minutes where WebTrends needed hours (and perl scripts days to weeks).
But the latter problems only occur when trying to analyze BIG logs. I think for the
really nasty jobs (GBs to TBs of log data) one should first push the most important
parts of data into a reliable database and use optimized queries/scripts on that.
Bye
Volker
begin:vcard
n:Tanger;Volker
tel;fax:+49 - 69 - 92901-213
tel;work:+49 - 69 - 92901-570
x-mozilla-html:FALSE
url:http://www.res.globalone.net/
org:Global One;Global Project Engineering
version:2.1
email;internet:[EMAIL PROTECTED]
title:Sr. Security Engineer
adr;quoted-printable:;;Stiftstrasse 23=0D=0A;Frankfurt;;60313;Germany
note;quoted-printable:Room 608=0D=0A
fn:Volker Tanger
end:vcard
