[syslog-ng] Software for Analysing and Reporting Syslog Logs
Balazs Scheidler
bazsi at balabit.hu
Tue Dec 7 19:31:17 CET 2010
On Mon, 2010-12-06 at 07:13 -0500, Clayton Dukes wrote:
> Hi Rene,
> Depending on your budget, the following three are a good start:
> LogZilla - http://www.logzilla.info (I am the main developer on this
> one)
> Splunk - http://splunk.com
> LogLogic - http://loglogic.com
It depends on what you mean by "analysing" & "reporting".
patterndb and "pdbtool match" can be a basis for reporting, although
certainly some scripting is required. (the current scope of patterndb is
to contain samples for user login/logout).
See this post for example:
http://bazsi.blogs.balabit.com/2010/07/patterndb-grep-on-steroids/
Or you could check my blog posts tagged "patterndb":
http://bazsi.blogs.balabit.com/tag/patterndb/
Or you could also check out the blog of Peter Czanik, who is currently
the maintainer of the patterndb project:
http://czanik.blogs.balabit.com/
If you aim at browsing logs, then the things above are certainly an
option, I'd only add syslog-ng Store Box to the mix, which is a BalaBit
product, although not a free one :)
--
Bazsi