Re: [logs] Central log analysis system

• Previous message: Hector kassef Smith .: "[logs] Fwd: Firewall logs"
• In reply to: 吴海燕: "[logs] Central log analysis system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

吴海燕 wrote:
> Hi,
>
>      In our Data Center , we build a central log analysis system. We use
> syslog-ng as our central log server . Now about forty web servers,
> database servers and application servers forward their syslog records to
> the central log server.  Logwatch is used as log analysis software, it
> analize syslog record it received and send result to the correspondent
> system administer. We use logwatch's default configuration.
>
>       What's  confusing me now is how to move on . Because  logwatch is
> too simple , it can not find out all the problems ,such as "file system
> is full ". Can any experienced person give me some advice.

Hi,

I may advice you,  as always on this forum when possible, sec:

http://www.estpak.ee/~risto/sec/

It is far more powerful then Logwatch and solved all my problems.

Regards,

Alek

_______________________________________________
LogAnalysis mailing list
LogAnalysisat_private
http://lists.shmoo.com/mailman/listinfo/loganalysis

• Next message: McGuire, Dennis: "RE: [logs] state machines and (automated) log analysis -- any too ls?"
• Previous message: Hector kassef Smith .: "[logs] Fwd: Firewall logs"
• In reply to: 吴海燕: "[logs] Central log analysis system"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Feb 20 2003 - 06:53:38 PST