On Wednesday 20 September 2006 10:07, Greg Twyford wrote: > When I used Smoothwall it's logs were indeed checkable in the way you > describe. I did check them from time to time, but the key is having the > capacity to understand what the logs are telling you. Most end-users, > including GPs, don't possess this skills, nor the time.
This is why tools like "logcheck" are so valuable. They sift through the logs and pick out the anomalies that SHOULD be interesting to the human observer, hiding the less important bits until I need to do an in depth analysis. Nowadays I spend maybe ten minutes a day to check the logcheck reports of a total of 17 servers - for a single server it takes one glance at the logcheck report, typically a single page email a day (in 6-hourly installations) Going manually through detailed logs is a horrible Sysiphus task and should be reserved for forensic occasions Horst _______________________________________________ Gpcg_talk mailing list [email protected] http://ozdocit.org/cgi-bin/mailman/listinfo/gpcg_talk
