improving signal to noise ratio from centralized network syslogs

• Previous message (by thread): improving signal to noise ratio from centralized network syslogs
• Next message (by thread): improving signal to noise ratio from centralized network syslogs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5 February 2018 at 18:57,  <valdis.kletnieks at vt.edu> wrote:
> On Mon, 05 Feb 2018 10:49:42 -0800, "Scott Weeks" said:
>> I have no knowledge of syslog-ng.  Does it do the
>> real time scrolling like I mention?
>
> Use 'tail -f' or similar.

The only problem is that with BASH based solutions is that they are
slow. They don't scale well.

Some years ago I wrote a script that would periodically (every 5
minutes by default) grep for interesting events / filter uninteresting
events from the syslog file and email you the results. It's here if
anyone is interested: https://null.53bits.co.uk/index.php?page=sysgrep

It's OK for a small network or small number of devices but it doesn't
scale well. Having said that, it's better than nothing and costs $0
(which exactly why I used it in the first place).

Cheers,
James.

• Previous message (by thread): improving signal to noise ratio from centralized network syslogs
• Next message (by thread): improving signal to noise ratio from centralized network syslogs
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]