Tina Bird <tbird@precision-guesswork.com> 20/08/2002 10:35 PM Sent by: loganalysis-adminat_private Look, everyone, presumably at least some of us have access to log data on a "live server." I posit that we'll learn really really interesting things by taking a day's or a week's worth of data and looking at the messages. We're not building a standard here, I'm after quick and dirty. Guidance for someone just starting out. hmm we are about to try and get our syslog-ng logs to integrate with Tivoli Risk Manager... guess we'll be doing exactly what you are talking about - building a basic template of what is "normal" (my pref - Marcus' artificial ignorance method..) and teaching RM what it should look for.. I'll keep y'all posted :}.. Cheers, Bret [This e-mail is confidential and may also be privileged. If you are not the intended recipient, please delete it and notify us immediately; you should not copy or use it for any purpose, nor disclose its contents to any other person. Thank you.] _______________________________________________ LogAnalysis mailing list LogAnalysisat_private https://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Tue Aug 20 2002 - 17:39:37 PDT