On Fri, Apr 16, 2010 at 11:45 AM, David Miller <david3d@xxxxxxxxx> wrote:
I recently ran across the Octopussy project which looks interesting. I haven't tried it out yet though. Can't say that I like the url too much either. http://www.8pussy.org/doku.php
--
DavidOn Fri, Apr 16, 2010 at 11:38 AM, <rainer@xxxxxxxxxxxxxxx> wrote:
Good question.> Hi
>
> I am using rsyslog to get logs to a central box and they are stored in the
> format of
>
> /<hostname>/<year>/<month>/<day>/<logfilename>
>
> I need a solution that can trawl through these directories and pick up
> exceptions like failed logons and sudo usage that sort of thing.
>
> Has anyone got any clues as to what might help to achieve this, i am
> looking
> into logsurfer but not sure if this handles the directory structure
> nicely.
>
> thanks for any tips
How many servers do you have to collect logs from?
I'd like to hear of people who have used both Splunk and/or prelude in an
environment with, say, 500<x<1000 servers, for collection of logs and can
voice a few opinions.
The problem, as the author recognizes, is not collection but retrieval and
processing (a cron-job that deletes them periodically does not qualify as
"processing"...).
Rainer
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
Doh sorry for the top post. Need to pay more attention to that with gmail.
--
David
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos