[syslog-ng]Conditional logic
Gregor Binder
gb@rootnexus.net
Tue, 15 Jan 2002 20:51:16 +0100
David Monk on Tue, Jan 15, 2002 at 01:25:11PM -0600:
Hi David,
> It would be great to get paged when the same host repeated gets a
> DENY to the same resource. One or two attempts at the same
> resource could very easily be accidental in one way or another,
> but repeated attempts at the same resource from the same host
> might deserve a little more attention.
I think you will always have to implement this sort of logic with log
analysis tools. I don't think syslog-ng is headed to become one, and
I appreciate this, too. Doing one job very well.
syslog-ng is my favorite log "sink" ... any analysis to be done with the
resulting files is done with appropriate other tools. Try swatch, log-
surfer et al.
Regards,
--
____ ____
/ _/| - > Gregor Binder <gb@(rootnexus.net|sysfive.com)>
| / || _\ \
\__ Id: 0xE2F31C4B Fp: 8B8A 5CE3 B79B FBF1 5518 8871 0EFB AFA3 E2F3 1C4B