A program like freeware Baregrep (http://www.baremetalsoft.com/baregrep/) might be helpful to you.
Do you not regularly cycle your logs and submit them? John C -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Kevin Rogers Sent: Thursday, February 23, 2006 4:49 AM To: sniffer@SortMonster.com Subject: [sniffer] False Positives So when I asked how I would send in false positives, someone mentioned that I should look up the appropriate log entry and send that in. That brings up another question. My log file is 270MB and climbing. I've never opened it cause it's too big. Do you have a reader for your log files? I think it would be nice to have a little list of things to do to send in false positives: 1. Have your users send you the false positive. Save it as an .eml file (?) 2. Look up (somehow) the entry in your log file that corresponds to that .eml file. Copy and paste that text into a new email. 3. Send an email from your primary Sortmonster email address, attaching the .eml file and any log portion as necessary. Is this correct? --- [This E-mail was scanned for viruses.] This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html This E-Mail came from the Message Sniffer mailing list. For information and (un)subscription instructions go to http://www.sortmonster.com/MessageSniffer/Help/Help.html
