On May 11, 2006, at 6:51 AM, Arya, Manish Kumar wrote:
Hi Guys,
I am storing logs on a central server having 3T SAN, using the following template
destination indexlog {
    file("/logs/log01/indexlog/$YEAR/$MONTH/$DAY/$HOST"
         template("$HOUR:$MIN:$SEC,$PROGRAM,$FACILITY,$PRIORITY,$MSGONLY\n")
         template-escape(yes)
         owner(root) group(root) perm(0644)
         dir_perm(0755) create_dirs(yes));
};
my logging is done perfectly :)
like /logs/log01/indexlog/2006/05/11/hostnames
I want to have a GUI to view logs with the following facilities
- search logs on the basis of date/time, text patterns in messages, hostnames.

http://www.cs.sandia.gov/sisyphus/ mines patterns, but does not have a production GUI (yet). It is more of a research tool at this point, but I would be happy to help you give it a try. Recent emphasis has been on the functionality described in .../detection.pdf.

Please let me know if interested, like I said I'd be happy to help, and am in fact looking for additional datasets to analyze; I find my approach to be effective for supercomputer logs, but have not yet explored its effectiveness for other log sets (e.g. enterprise).

I've been waiting to implement a production GUI until I am confident that the underlying functionality is general and excellent. My current leaning is towards adding sisyphus functionality to splunk's interface (and have contacted splunk about this).

G'day!

--
+--------------------------------------------------------------+
| Jon Stearley                   (505) 845-7571 (FAX 844-9297) |
| Sandia National Laboratories    Scalable Systems Integration |
+--------------------------------------------------------------+
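
Added example, not part of the original thread and not Sisyphus, Splunk or syslog-ng code: a minimal search over the directory layout and template in the quoted destination, filtering by date range, time of day, hostname and message pattern. The function names and the sample log lines are constructed for illustration, and it assumes each file under a day directory is named after the host.

```python
import re
import tempfile
from datetime import date, time, timedelta
from pathlib import Path

FIELDS = ("time", "program", "facility", "priority", "msg")

def parse_line(line):
    """Split one record written by the template; return None if malformed."""
    parts = line.rstrip("\n").split(",", 4)  # $MSGONLY may itself contain commas
    if len(parts) != 5:
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        rec["time"] = time.fromisoformat(rec["time"])  # $HOUR:$MIN:$SEC
    except ValueError:
        return None
    return rec

def search(root, start, end, host=None, pattern=None, t_from=time.min, t_to=time.max):
    """Yield (day, host, record) for matching lines under root/YYYY/MM/DD/HOST."""
    host_re = re.compile(host) if host else None
    msg_re = re.compile(pattern) if pattern else None
    day = start
    while day <= end:
        day_dir = Path(root) / f"{day:%Y}" / f"{day:%m}" / f"{day:%d}"
        files = sorted(day_dir.iterdir()) if day_dir.is_dir() else []
        for f in files:
            if not f.is_file() or (host_re and not host_re.search(f.name)):
                continue
            with f.open(errors="replace") as fh:
                for rec in map(parse_line, fh):
                    if rec is None or not (t_from <= rec["time"] <= t_to):
                        continue
                    if msg_re is None or msg_re.search(rec["msg"]):
                        yield day, f.name, rec
        day += timedelta(days=1)

def demo():
    """Build a constructed two-host tree and run one search over it."""
    with tempfile.TemporaryDirectory() as root:
        d = Path(root, "2006", "05", "11")
        d.mkdir(parents=True)
        (d / "web01").write_text("06:51:02,sshd,auth,info,Failed password for root, port 22\n"
                                 "07:10:00,cron,cron,info,job started\n")
        (d / "db01").write_text("06:55:40,sshd,auth,info,Accepted publickey for admin\nbroken line\n")
        hits = search(root, date(2006, 5, 11), date(2006, 5, 11),
                      pattern=r"Failed|Accepted", t_to=time(7, 0))
        return [(h, r["program"], r["msg"]) for _, h, r in hits]
```

Splitting on at most four commas keeps a message that contains commas intact, and lines that do not match the template are skipped rather than aborting the search.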