On Mon, 2010-12-06 at 07:13 -0500, Clayton Dukes wrote:
Hi Rene,

Depending on your budget, the following three are a good start:

LogZilla - http://www.logzilla.info (I am the main developer on this one)
Splunk - http://splunk.com
LogLogic - http://loglogic.com
It depends on what you mean by "analysing" & "reporting".

patterndb and "pdbtool match" can be a basis for reporting, although certainly some scripting is required. (The current scope of patterndb is to contain samples for user login/logout.)

See this post for example:
http://bazsi.blogs.balabit.com/2010/07/patterndb-grep-on-steroids/

Or you could check my blog posts tagged "patterndb":
http://bazsi.blogs.balabit.com/tag/patterndb/

Or you could also check out the blog of Peter Czanik, who is currently the maintainer of the patterndb project:
http://czanik.blogs.balabit.com/

If you aim at browsing logs, then the things above are certainly an option; I'd only add syslog-ng Store Box to the mix, which is a BalaBit product, although not a free one :)

--
Bazsi