[syslog-ng] Perl for log analysis

beproj beproj syslog-ng@lists.balabit.hu
28 Oct 2004 14:38:16 -0000


Subject: 1. Perl for log analysis
         2. Specimen logs

hello

1. I am pursuing a project in log analysis (mainly attack logs..security) and I have a doubt regarding general log analysis.

I would like to know why generally Perl, Python etc. are used for log analysis. The SYSLOG MODULE support in Perl is one reason. But a similar library in GNU C lib is available, viz:- syslog.h
Why then do programmers go for Perl? Is it due to simpler pattern matching techniques available? The same are then available in C, viz:- strtok().
Since I am new to Perl and have to decide which of C and Perl is better for syslog log analysis, kindly suggest the advantages of Perl over C wrt log analysis.

2. I want specimen syslog logs, esp. security...for Red Hat Linux 8.0 Server. Any idea where I can get them?

Thank you in advance.
bye
beproj