Re: log parsing tool?

2010-02-23 Thread Matthew Palmer
On Mon, Feb 22, 2010 at 04:15:22PM -0600, fedora fedora wrote:
> Anyone has good recommendations for an open-sourced log parsing and
> analyzing application? It will be used to work with syslog-ng and other
> general syslog and application logs.
>
> I have been looking at swatch and logwatch, but

Re: log parsing tool?

2010-02-22 Thread gordon b slater
On Mon, 2010-02-22 at 18:14 -0600, Dale W. Carder wrote:
> Take a look at SLCT, also by Risto Vaarandi:
>
> http://ristov.users.sourceforge.net/slct/
>
> SLCT can parse huge amounts of logs very fast. We use it to
> crunch firewall logs and also to find ports that are flapping
> excessively.

+1

Re: log parsing tool?

2010-02-22 Thread Dale W. Carder
On Feb 22, 2010, at 4:49 PM, fedora fedora wrote:
> ah, never heard of SEC before and it really looks interesting,

Take a look at SLCT, also by Risto Vaarandi:

http://ristov.users.sourceforge.net/slct/

SLCT can parse huge amounts of logs very fast. We use it to crunch firewall logs and also to

Re: log parsing tool?

2010-02-22 Thread fedora fedora
ah, never heard of SEC before and it really looks interesting,

Thanks everyone for the great input!

FD

On Mon, Feb 22, 2010 at 4:34 PM, Jeff Rooney wrote:
> I personally like SEC (Simple Event Correlator), check out
> http://simple-evcorr.sourceforge.net/
>
> Jeff Rooney
> jtroo...@nexdlevel.c

Re: log parsing tool?

2010-02-22 Thread Jeff Rooney
I personally like SEC (Simple Event Correlator), check out
http://simple-evcorr.sourceforge.net/

Jeff Rooney
jtroo...@nexdlevel.com

On Mon, Feb 22, 2010 at 4:15 PM, fedora fedora wrote:
> Greetings,
>
> Anyone has good recommendations for an open-sourced log parsing and
> analyzing application

Re: log parsing tool?

2010-02-22 Thread Darren Bolding
SEC (Simple Event Correlator) is a very effective tool for this, IMHO. I am by no means an expert with it, but I know several people who are, and while it is not as well known as splunk or some other tools, I have been very impressed by the results I've seen using it. As with any event correlati

Re: log parsing tool?

2010-02-22 Thread Steven J. Hutchison
Splunk
ZanOSS
PHP-Syslog-NG aka logzilla
LogLogic

On 2/22/10 3:15 PM, "fedora fedora" wrote:
> Greetings,
>
> Anyone has good recommendations for an open-sourced log parsing and
> analyzing application? It will be used to work with syslog-ng and other
> general syslog and application logs.
>

log parsing tool?

2010-02-22 Thread fedora fedora
Greetings,

Anyone has good recommendations for an open-sourced log parsing and analyzing application? It will be used to work with syslog-ng and other general syslog and application logs.

I have been looking at swatch and logwatch, but would like to find out if there are other good choices, thank