On Nov 6, 2013, at 8:09 PM, Predrag Punosevac <[email protected]> wrote:
> I am soliciting opinions and some guidance on a few very general sys admin
> questions.
>
> 1. What do people in general use to parse large amounts of log files
> received in the form of e-mails? security/logsurfer and similar. I have
> seen some in the ports tree.

Hey Predrag,

At the site I work at we have too many hosts to parse logs with Perl/awk/scripts in other languages. At my site, we've used both Splunk (commercial log aggregator) and Logstash (Apache 2.0) to deal with the sheer number of messages we have. We've gotten rid of Splunk today, largely because it's just too damn expensive.

At smaller sites, I've used simple Perl scripts and email to handle log messages.

Even at large sites, knowledge of Perl/Shell (not just bash!)/Python has been indispensable. Even more important is to know and identify the right lang for the job.

Hope this helps!

William Orr

