Bill Campbell wrote:
On Tue, Jan 08, 2008, Ugo Bellavance wrote:
Joseph L. Casale wrote:
Given my experience in Linux is limited currently, what do you guys use
to monitor logs such as ?messages? on your centos servers? I had a
hardware failure that happened in between me manually looking (of
course?). I would hope it might have a some features to email critical
issues etc?
logwatch is a good start.
Get the latest version from www.logwatch.org. Runs automatically daily
and sends output to root.
Isn't logwatch standard in CentOS installations?
Yes, but an outdated version.
Swatch monitors one or more log files in real time, with options
to report events immediately, or after some number of repeations
in a specified time period (e.g. report immediately if a network
interface goes into permiscuous mode, but only report something
else if there are ``n'' occurrences within a minute).
I've attached the swatchrc configuration file from this machine
which has several examples.
Thanks, I tried it once, but got swamped with e-mails. I'll give it
another try. Is it good with big log files? I tried the check_log
plugin for nagios, but it generated way too much I/O and timed out most
of the time.
Regards,
Ugo
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
