[syslog-ng] few questions about patterndb
Clayton Dukes
cdukes at gmail.com
Thu Jun 24 21:43:19 CEST 2010
Hey Lance,
I'll have you know the new version of LogZilla can process 20k
messages per second :-)
Which isn't syslog-ng good, but pretty good nonetheless ;-)
______________________________________________________________
Clayton Dukes
______________________________________________________________
On Thu, Jun 24, 2010 at 3:34 PM, Lance Laursen <lance at demonware.net> wrote:
>
> On Wed, Jun 23, 2010 at 11:34 PM, Hendrik Pahl <pahl at team-datentechnik.de>
> wrote:
>>
>> Hi,
>>
>> ...
>> > That said, it does not soundlike you need to use it for what you're
>> > trying to do.
>>
>> Okay, i already had the feeling patterndb was not the one really
>> giving me a solution. I simply need something to bring down the
>> relevant loglines, since 1.5M lines/month in a logfile/different
>> logfiles are simply much to much to monitor/read.
>>
>> Grepping after "error" or "warning" or "failure" is just one approach,
>> but never will be the only one, since this might kick out things i
>> wanna definitely see.
>>
>> currently i'm looking at logfiles and size down the amount of lines by
>> piping the cat output into sed, which kicks out the informational and
>> overhead lines. this ia an iterative apporach, since i refine the sed
>> expression time to time.
>>
>> How are others managing this issue?
>>
>>
>
> Also, aside from the essay I just wrote :), take a look
> at http://crunchtools.com/software/petit/ . It should be very useful for any
> manual log parsing.
>
> --
> Lance Laursen
> Demonware Systems Engineer
>
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation:
> http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>
>
More information about the syslog-ng
mailing list