Check out screend written by Paul Vixie a long time ago. In my past, I
wrote some perl scripts that basically gave the ability to the user to
design a pattern array and count the number of occurrences of certain log
messages, etc, etc. The reporting functionality of those scripts provided
the same ability as shown in some of the earlier FWTK reporting scripts,
but with more flexibility.
Gary White <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
04/05/00 06:52 AM
To: [EMAIL PROTECTED]
cc:
Subject: log analysis patterns...?
Hi-
My e-mail logs are lately full of addresses like the ones below. When
summarizing them I'd like to reduce a list like this to just the common
part
and show them as something like
owner-nolist-nnnnn*jdoe**dept*-domain*[EMAIL PROTECTED]
but my Perl skills fail me in trying to figure out how to do this easily.
Any suggestions for finding patterns like this would be most appreciated.
Thanks!
-Gary
owner-nolist-16081*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16088*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16089*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16090*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16091*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16092*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16093*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16128*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16150*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16151*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16165*jdoe**dept*-domain*[EMAIL PROTECTED]
owner-nolist-16221*jdoe**dept*-domain*[EMAIL PROTECTED]
__________________________________________________________________
Gary White ARCO
[EMAIL PROTECTED] 2300 W Plano Parkway
(972) 509-6554 Plano, Texas 75075
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
