Thanks Anton. So, I must extract hundreds of patterns manually. :(

Regards

--- On Fri, 13/8/10, Anton Chuvakin <anton@chuvakin.org> wrote:

From: Anton Chuvakin <anton@chuvakin.org>
Subject: Re: [syslog-ng] Pattern extraction
To: "Syslog-ng users' and developers' mailing list" <syslog-ng@lists.balabit.hu>
Date: Friday, 13 August, 2010, 7:18 PM

> I don't know how I can extract patterns from logs. Must I check every log type separately? Using pattern recognition methods? Or using a pattern database (if one exists for all applications and devices)?

Well, this is not just you - it is "you and the rest of the world." The standard way is pretty much to manually (or with tools - but still mostly manually) write regular expressions for every distinct log message type.

--
Dr. Anton Chuvakin
Site: http://www.chuvakin.org
Blog: http://www.securitywarrior.org
LinkedIn: http://www.linkedin.com/in/chuvakin
Consulting: http://www.securitywarriorconsulting.com
Twitter: @anton_chuvakin
Google Voice: +1-510-771-7106
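
An added example, not part of the thread or of syslog-ng: a small helper for the "with tools, but still mostly manually" workflow described above, which groups messages into candidate message types and drafts one regular expression per type for a human to review. The sample lines, the field masks and all function names are assumptions made for illustration.

```python
import re

# Constructed sample messages (not taken from the thread).
SAMPLE = [
    "Accepted password for alice from 192.0.2.10 port 51122 ssh2",
    "Accepted password for bob from 192.0.2.77 port 40022 ssh2",
    "Failed password for root from 198.51.100.4 port 2222 ssh2",
    "Failed password for admin from 198.51.100.9 port 2301 ssh2",
    "Connection closed by 203.0.113.5",
]

# Assumed field classes: mask name -> capturing sub-pattern.
CLASSES = {
    "<IP>": r"(\d{1,3}(?:\.\d{1,3}){3})",
    "<NUM>": r"(\d+)",
    "<WORD>": r"(\S+)",
}

def mask(token):
    """Replace an obviously variable token (IP, number) with its mask."""
    for name in ("<IP>", "<NUM>"):
        if re.fullmatch(CLASSES[name], token):
            return name
    return token

def templates(lines):
    """Group lines into candidate message types: [template_tokens, count]."""
    found = []
    for line in lines:
        toks = [mask(t) for t in line.split()]
        for entry in found:
            tpl = entry[0]
            diff = [i for i, (a, b) in enumerate(zip(tpl, toks)) if a != b]
            # Same length and at most one differing word: same message type.
            if len(tpl) == len(toks) and len(diff) <= 1:
                for i in diff:
                    tpl[i] = "<WORD>"
                entry[1] += 1
                break
        else:
            found.append([toks, 1])
    return found

def to_regex(tpl):
    """Draft an anchored regex for one template; review before use."""
    parts = [CLASSES.get(tok) or re.escape(tok) for tok in tpl]
    return "^" + r"\s+".join(parts) + "$"

if __name__ == "__main__":
    for tpl, count in templates(SAMPLE):
        print(count, to_regex(tpl))
```

The one-differing-word rule is a heuristic: it can merge two distinct message types that differ in a single keyword, so each drafted expression still needs a manual check against real logs.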