Walter Ian Kaye wrote:
I have no clue where to start. Are these programs in the package meant
to be used in a particular order? I gather that somehow you create a
db and then reference it, but that's all I know. What parameters do I
pass to which programs and when, and is there a particular location
that's best for the db? Does Analog use that db itself, and if so, how
do I make the connection?
There's no overall documentation to answer such questions, so I would
appreciate the wisdom of anyone who understands the programs in the
package.
Each of the programs serves a particular purpose, what you probably want
is the first program in the list, dns-terror, which resolves the
addresses in a log file. You can, but do not have to, store the results
in a database also which you can convert to the Analog DNS cache format
so you can use this directly from analog.
Possible usage scenarios:
* Run logfiles through dns-terror without generating output and
store the lookup results in a database, then convert the database
to the Analog DNS cache format using convert-ip-db, then run
analog on the original log file using the DNS cache (this is the
approach I would recommend)
* Preprocess logfiles and write the resolved logs to a file, then
have analog read that file
* Run logfiles through dns-terror and have analog read from STDIN
* Run dns-terror as a preprocessor from analog
--
Klaus Johannes Rusch
[EMAIL PROTECTED]
http://www.atmedia.net/KlausRusch/
+------------------------------------------------------------------------
| TO UNSUBSCRIBE from this list:
| http://lists.meer.net/mailman/listinfo/analog-help
|
| Analog Documentation: http://analog.cx/docs/Readme.html
| List archives: http://www.analog.cx/docs/mailing.html#listarchives
| Usenet version: news://news.gmane.org/gmane.comp.web.analog.general
+------------------------------------------------------------------------
