[syslog-ng] Looking for syslog log analyzer
Rob Munsch
rmunsch at solutionsforprogress.com
Wed Mar 7 17:09:52 CET 2007
Mike Tremaine wrote:
> Hari Sekhon wrote:
>> I'm also interested in something like this.
>>
>> The other alternative is to have a second destination which is text
>> based. You can then use an analyzer on this.
>> Unfortunately, when I tried this using logwatch on the text files,
>> logwatch was so inefficient that it took more than a day to analyze
>> one day's logs (single file around 11MB)!
>>
> What kind of processor/mem specs do you have? 11MB is not that bad I
> have maillogs that get run against logwatch every day much bigger then
> that.
Before this goes somewhere else entirely, the OP asked
> logs stored in MySQL.
and i'd be very interested in that myself, as i (as does i suspect the
OP) have syslog-ng in a central host that accepts remote hosts' logs,
and shoves them all into a MySQL database.
More information about the syslog-ng
mailing list