-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I have a few custom logs that I generate for a variety of tasks, but these aren't necessarily in a specific format. For instance, one of these logs is output from awstats and looks something like this :
Running '"/usr/local/awstats/wwwroot/cgi-bin/awstats.pl" -update -config=www.example.com -configdir="/etc/awstats"' to update config www.example.com Create/Update database for config "/etc/awstats/awstats. www.example.com.conf" by AWStats version 7.0 (build 1.971) - From data in log file "/var/www/www.example.com/logs/access_log"... Phase 1 : First bypass old records, searching new record... Direct access to last remembered record is out of file. So searching it from beginning of log file... Jumped lines in file: 0 Parsed lines in file: 0 Found 0 dropped records, Found 0 comments, Found 0 blank records, Found 0 corrupted records, Found 0 old records, Found 0 new qualified records. I'd like to use ossec to monitor this log and report any errors that may crop up. I'm a bit stuck on what log format to use, though. Any thoughts? - --------------------------- Jason 'XenoPhage' Frisvold [email protected] - --------------------------- "Any sufficiently advanced magic is indistinguishable from technology." - - Niven's Inverse of Clarke's Third Law -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAk4kTYkACgkQ8CjzPZyTUTQntgCfV/dpSUaGNUAJwEvcMkNhYxZt 0AYAn14rIWGuG/OgVBzUW6WWw23Hgjjm =MAkD -----END PGP SIGNATURE-----
