Tom Metro wrote:
> Mike Sprague wrote:
> I don't have a recommendation on the analysis side, but you might want
> to start there and work backwards, as it will likely dictate or at least
> influence how the data is gathered and stored.

logpp (log preprocessor - to eliminate log messages you don't care about) and sec (simple event correlator) can be used together for useful analysis of large amounts of log data. There was a presentation on using nagios + sec at bblisa a while back (should be easy to find notes on that via google), but the patch only works up to nagios 2.9 at the moment.

--
Daniel JB Clark | Sys Admin, Free Software Foundation
pobox.com/~dclark | http://www.fsf.org/about/staff#danny
