I have a linux syslog server set up to centralize logging of all event viewer messages on my (30) Win2k servers via the Eventlog to Syslog utility. My question to the group now is, how do you guys typically deal with all that info? do you parse it with a perl script for errors and ignore the rest or have an email generated when a critical error occurs or just(god forbid) go thru them all each morning. I'm the only admin here and dealing with 30 server's logs can really eat a huge chunk of my day. is ther a better cheap(free) way to optimize this?
thanks. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
