I'll second this, SEC is very powerful, and the powerful features are complex to
setup, but if you are just doing simple things, it's not that hard to setup.
I have an introduction to SEC article that is going to print in the December
;login:, I'll send a copy of the article to James to hopefully get it started (I
can't send it to the list before publication date)
Davdi Lang
On Mon, 4 Nov 2013, Mike
Robinson wrote:
SEC is not as complex to set up as the tutorial makes it look. I'd give it an
afternoon, and I almost guarantee you'll have a working setup by the end of the
day.
Potentially http://logcheck.org or logwatch could be the tool you want. I
haven't dug in with either in a while...
m.
On Nov 4, 2013, at 9:28 AM, James R Grinter <[email protected]> wrote:
I'm looking for a Unix log monitoring script that is functional and
straightforward to configure.
(I've just wasted an afternoon with the latest version of 'swatch' that I can find, from April
2013. Its configuration seems so brittle and hard to debug and I don't really have the time to
dig deeper into its byzantine "create a Perl script on the fly" behaviour to
understand why my attempt at a simple configuration generates errors like [sh: -c: line 0:
unexpected EOF while looking for matching `"'])
I have a number of different log files each which may report different things
of interest to me, so I'm ideally looking for a tool that can be configured
with multiple configuration files (e.g. one per log file). But I don't really
want to have to manage many different services/running daemons in order to do
that (SEC - Simple Event Correlator - may be able to do this, but the online
tutorial makes configuring it look very complicated.)
I'm not really looking for a tool as complex and powerful as Splunk or greylog,
either. Something that can watch a log file, match a pattern, and execute a
command is all I need right now.
James.
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
_______________________________________________
Tech mailing list
[email protected]
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
