28 Oct
2004
5:13 p.m.
On Thu, 28 Oct 2004, beproj beproj wrote:
I would like to know why generally Perl, Python etc. are used for log analysis. The SYSLOG MODULE support in Perl is one reason. But a similar library in GNU C lib is available, viz. syslog.h. Why then do programmers go for Perl? Is it due to simpler pattern matching techniques available?
Ease and speed of development. I use a POE-based setup that takes a feed from syslog-ng; I can update all of my rules on the fly without stopping my analyzer or having to recompile it. Using an interpreted language for your rules is a huge win on this front.

- billn
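
A sketch of the approach described in the reply above, as an added example that is not part of the original post and is not billn's POE/Perl setup: a Python rule matcher that re-reads its regex rules whenever the rules file changes, so rules can be edited while the analyzer keeps running. The rules-file format, the `RuleSet` class and the sample log lines are assumptions made for illustration.

```python
import os
import re
import tempfile

SAMPLE = [  # constructed sample syslog lines, not from the original post
    "Oct 28 17:13:01 host sshd[411]: Failed password for root from 192.0.2.7 port 4022 ssh2",
    "Oct 28 17:13:05 host su: FAILED su for root by guest",
]

class RuleSet:
    """Rules file (hypothetical format): one 'name<TAB>regex' per line."""
    def __init__(self, path):
        self.path, self.rules, self.stamp = path, [], None
        self.reload_if_changed()

    def reload_if_changed(self):
        st = os.stat(self.path)
        stamp = (st.st_mtime_ns, st.st_size)
        if stamp == self.stamp:
            return False
        self.stamp = stamp  # recorded even on failure: a bad file is parsed once
        try:
            with open(self.path, encoding="utf-8") as fh:
                rows = [r.strip() for r in fh]
            fresh = [(n, re.compile(p)) for n, p in
                     (r.split("\t", 1) for r in rows if r and not r.startswith("#"))]
        except (ValueError, re.error):
            return False  # malformed edit: keep running on the previous rules
        self.rules = fresh
        return True

    def match(self, line):
        self.reload_if_changed()  # one stat() per line; no restart, no recompile
        return [name for name, rx in self.rules if rx.search(line)]

def demo():
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "rules.tsv")
        def append(text):
            with open(path, "a", encoding="utf-8") as fh:
                fh.write(text)
        append("ssh_fail\tsshd\\[\\d+\\]: Failed password\n")
        rules = RuleSet(path)
        before = [rules.match(l) for l in SAMPLE]
        append("su_fail\tFAILED su for \\w+\n")  # rule added while "running"
        after = [rules.match(l) for l in SAMPLE]
        append("broken\t(unclosed\n")            # bad regex must not drop rules
        kept = [rules.match(l) for l in SAMPLE]
        return before, after, kept
```

Calling `demo()` returns the matches before the rule edit, after it, and after a broken edit; the last two are identical because a rules file that fails to compile is ignored rather than replacing the working set.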