On Wed, 7 Nov 2018, Rainer Gerhards wrote:

On Tue, 6 Nov 2018 at 23:09, David Lang (<[email protected]>) wrote:

On Tue, 6 Nov 2018, chenlin rao via rsyslog wrote:

> Hello, rsyslog-users:
>    I just found an interesting project named sequence in
> https://github.com/zentures/sequence/tree/master/cmd/sequence. It can 'analyze
> a log file and output a list of patterns that will match all the log
> messages'.
>    And its documentation said that it's similar to libnormal, so I want to
> ask: can lognormalizer support an analyze subcommand? Or are there some other
> tools that can do it?
>    It's so tiring to write and modify lots of rulebases/patterns.


There is nothing in liblognorm that will create patterns automatically. I would
have said that anything trying to do this would suffer horribly from false
positives. It would be interesting to adapt this tool to output liblognorm
rules.

Actually, I started such a tool. You can do very interesting things
with cluster analysis, especially as we know a lot of logging base
objects (like IP addresses, integers, up to formats like json). But
unfortunately I had no time to complete this (would have loved to...).

Is there enough of this to be worth making the source available for others to tinker with?

David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of 
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE 
THAT.
