[syslog-ng]Re: Log analysis

[Brad Stockdale]

Hello all,

    I've been using syslog-ng for about a year now on a centralized logging 
server. It works great! But now I have 9 gigabytes of past logs... haha...

    In any case, I am trying to find a good way to analyze the daily 
logs... Sort of condense them like LogSentry/LogWatch does, but via a web 
interface...

    Can anyone out there recommend a good log analysis package? I started 
to try out lire, but part way through the setup I figured out that it might 
be a pain to try to get lire to understand the log rotations, etc... I 
rotate logs daily with the following directory structure:

/var/log/$IPADDRESS/$4DIGITYEAR/$2DIGITMONTH/$2DIGITDAY/facilitypriority.log

    lire expects the logs to be in /var/log/ and use the normal rotation of 
putting a number at the end of the filename...

    Any thoughts?

Thanks,
Brad