[syslog-ng] few questions about patterndb
Lance Laursen
lance at demonware.net
Thu Jun 24 21:34:52 CEST 2010
On Wed, Jun 23, 2010 at 11:34 PM, Hendrik Pahl <pahl at team-datentechnik.de>wrote:
> Hi,
>
> ...
> > That said, it does not soundlike you need to use it for what you're
> > trying to do.
>
> Okay, i already had the feeling patterndb was not the one really
> giving me a solution. I simply need something to bring down the
> relevant loglines, since 1.5M lines/month in a logfile/different
> logfiles are simply much to much to monitor/read.
>
> Grepping after "error" or "warning" or "failure" is just one approach,
> but never will be the only one, since this might kick out things i
> wanna definitely see.
>
> currently i'm looking at logfiles and size down the amount of lines by
> piping the cat output into sed, which kicks out the informational and
> overhead lines. this ia an iterative apporach, since i refine the sed
> expression time to time.
>
> How are others managing this issue?
>
>
>
Also, aside from the essay I just wrote :), take a look at
http://crunchtools.com/software/petit/ . It should be very useful for any
manual log parsing.
--
Lance Laursen
Demonware Systems Engineer
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20100624/769ed730/attachment.htm
More information about the syslog-ng
mailing list