On Mon, 8 Jul 2002 Lubomir.Nistorat_private wrote: > another of my ideas is to have a mysql syslog and put data into that.. > of course account should be write only (no delete, no read) > > I'm just working on a centralized log analysis system (with reporting and alerting capabilities). > the automatic log analysis would be difficult (with sql data..) as with large DB it'll get slower and slower.. (I already have several bilions of entries). > > any ideas? http://www.conostix.com/ipfc/ (released under the GNU General Public License) We have some basic correlation. The DB structure is independant so you can correlate what you want. We some user with a lot of entries in the db-backend (including a lot of syslog). http://condor.gmu.edu/~jason/logging/ you can add an easy functionnality to use demux to enter everything in a DB. You should look also to http://www.balabit.hu/en/downloads/syslog-ng/. hope this helps. adulau --------------------------------------------------------------------- To unsubscribe, e-mail: loganalysis-unsubscribeat_private For additional commands, e-mail: loganalysis-helpat_private
This archive was generated by hypermail 2b30 : Mon Jul 08 2002 - 06:14:08 PDT