Hello, That's a great post, simple and straight. You'll have of course your reasons for doing so and I have to admit that I mostly use the same strategy. However, one not so minor detail in my strategy is different. Where you are looking for interesting items and emails those to the selected staff I unselect uninteresting messages and post the remaining messages to : - known messages to the operators for that software package, - unknown messages to the security officers. The latter because I never know beforehand what's going on. Regards, Fred Hal Snyder wrote: > > Not sure exactly what "building an enterprise logging infrastructure" > is, but here is an offering based on several years' experience with > the data network for a small computer telephony company. > > As you will see, I have trouble separating logging from monitoring. > > HTH. > > <<big snip>> > > 6. Keep log delivery simple. > > Keep to an absolute minimum the number of steps between the > system creating log information and the person who needs it. The > more complex a system is to configure and maintain, the less > likely it is to be used. Avoid glitz and eye candy. > > The #1 most successful use of logging we have today simply scoops > up new log content, looks for interesting items, and emails > selected staff. This is after multiple generations of all sorts of > more complicated stuff. We still run fancy GUIfied monitoring > screens, but that is mainly for the visitors. :) -- Fred Mobach - fredat_private - postmasterat_private Systemhouse Mobach bv - The Netherlands - since 1976 quo usque tandem abutere patientia nostra de fenestris ? --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Thu Oct 11 2001 - 12:40:29 PDT