On Tue, 6 Nov 2018 at 23:09, David Lang (<[email protected]>) wrote:
>
> On Tue, 6 Nov 2018, chenlin rao via rsyslog wrote:
>
> > Hello, rsyslog-users:
> > I just found an interesting project named sequence in
> > https://github.com/zentures/sequence/tree/master/cmd/sequence. It can
> > 'analyze a log file and output a list of patterns that will match all
> > the log messages'.
> > And its documentation said that it's similar to libnormal, so, I want to
> > ask: can lognormalizer support an analyze subcommand? Or are there some
> > other tools that can do it?
> > It's so tiring to write and modify lots of rulebases/patterns.
>
>
> There is nothing in liblognorm that will create patterns automatically. I
> would have said that anything trying to do this would suffer horribly from
> false positives. It would be interesting to adapt this tool to output
> liblognorm rules.

Actually, I started such a tool. You can do very interesting things with
cluster analysis, especially as we know a lot of logging base objects (like
IP addresses, integers, up to formats like json). But unfortunately I had no
time to complete this (would have loved to...).

Rainer
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
LIKE THAT.
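
Added example, not part of the original thread and not code from rsyslog, liblognorm or sequence: a small sketch of the idea discussed above, typing known base objects (IPv4 addresses, integers) first and then clustering the remaining token sequences into liblognorm-style rules. The field names `f1`, `f2`, the `min_same` threshold and the sample lines are assumptions made for illustration.

```python
import re

# Base objects known in advance; ipv4, number and word are liblognorm parser names.
BASE_TYPES = [("ipv4", re.compile(r"(?:\d{1,3}\.){3}\d{1,3}")),
              ("number", re.compile(r"\d+"))]

def signature(line):
    """Tokenise on whitespace; tokens that are base objects become typed fields."""
    sig = []
    for tok in line.split():
        typ = next((n for n, rx in BASE_TYPES if rx.fullmatch(tok)), None)
        sig.append((typ,) if typ else tok)   # 1-tuple = field, str = literal
    return tuple(sig)

def merge(a, b, min_same):
    """Merge two signatures; differing positions become word fields.
    Returns None if lengths differ or too few positions agree."""
    if len(a) != len(b) or sum(x == y for x, y in zip(a, b)) / len(a) < min_same:
        return None
    return tuple(x if x == y else ("word",) for x, y in zip(a, b))

def to_rule(sig):
    """Render a signature in liblognorm rule style (field names are made up)."""
    parts, n = [], 0
    for t in sig:
        if isinstance(t, tuple):
            n += 1
            parts.append("%%f%d:%s%%" % (n, t[0]))
        else:
            parts.append(t)
    return "rule=:" + " ".join(parts)

def cluster(lines, min_same=0.8):
    """Greedy single-pass clustering; returns [(rule, matched_line_count), ...]."""
    patterns = []
    for sig in filter(None, map(signature, lines)):   # skip empty lines
        for p in patterns:
            merged = merge(p[0], sig, min_same)
            if merged is not None:
                p[0], p[1] = merged, p[1] + 1
                break
        else:
            patterns.append([sig, 1])
    return [(to_rule(s), c) for s, c in patterns]

# Constructed sample lines, not taken from any real system.
SAMPLE = ["Accepted password for alice from 192.0.2.10 port 51234",
          "Accepted password for bob from 192.0.2.11 port 40022",
          "Failed password for alice from 198.51.100.7 port 2222",
          "session 17 closed", "session 18 closed"]

if __name__ == "__main__":
    for rule, count in cluster(SAMPLE):
        print(count, rule)
```

Lowering `min_same` to 0.6 folds the "Accepted" and "Failed" lines into a single rule, which is the kind of over-general match the false-positive concern above refers to.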

