I like SEC (simple event correlator), available from http://kodu.neti.ee/~risto/sec/. Perl script, has a lot of nice features for dispatching actions on log entries (including suppression). Takes some effort to set up the rules as you want them, tho. >From the README: SEC is a simple event correlation tool that reads lines from a file, named pipe or standard input, and matches the lines with regular expressions to recognize input events. Events are then correlated according to the rules in configuration file, producing output events by executing user-specified shell commands. On Wed, 2003-11-12 at 04:26, Florian Laws wrote: > Hallo, > > sorry for the probably trivial question. > > I'm looking for a syslog log checker that sends me > all unknown log entries (with context if possible) > that can then be configured to ignore known harmless > log entries. > It seems that logcheck can do that, but maybe there > are better tools for that? > > Thanks in advance, > > Florian > _______________________________________________ > LogAnalysis mailing list > LogAnalysis@private > http://lists.shmoo.com/mailman/listinfo/loganalysis -- Alan Sparks, Sr. UNIX Administrator asparks@private Quris, Inc. (720) 836-2058 _______________________________________________ LogAnalysis mailing list LogAnalysis@private http://lists.shmoo.com/mailman/listinfo/loganalysis
This archive was generated by hypermail 2b30 : Thu Nov 13 2003 - 08:57:57 PST