[syslog-ng] patterndb: collect login/logout samples
Balazs Scheidler
bazsi at balabit.hu
Wed Jul 28 20:27:17 CEST 2010
On Tue, 2010-07-13 at 17:12 -0600, Patrick H. wrote:
> Sent: Tuesday, July 13, 2010 5:25:13 AM
> From: Balazs Scheidler <bazsi at balabit.hu>
> To: syslog-ng at lists.balabit.hu
> Subject: [syslog-ng] patterndb: collect login/logout samples
> > Hi,
> >
> > After getting the generic patterndb policy into shape, I'd like to start
> > collecting log samples, preferably in a domain that is useful for
> > everyone.
> >
> > My target is at first is login/logout/login failure events. I'd start
> > with a generic Linux installation and try to cover all applications that
> > perform authentication.
> >
> I took a look at that pdb format and was lost. I'll probably learn it
> eventually, but would just make a mess of it if I tried now. But here
> are a lot of examples that havent been provided yet.
> All messages were generated from RHEL 5 servers
>
[snip]
> VMware server messages are the exact same for both remote console
> application and web UI.
Thanks for all the samples that you sent, I've finished marked up all of
these, except for the vmware stuff, but I hope to finish that in the
coming days.
This means that I've almost finished with everything that anyone posted
to this list so far. Thanks for everyone.
--
Bazsi
More information about the syslog-ng
mailing list