Log analysis tools

Peter Polkinghorne Peter.Polkinghorne at brunel.ac.uk
Mon Jul 31 11:09:47 GMT 2000

Keith G. Murphy said:
> That looks quite slick.

> Two questions:
> (1) Have you looked at SyslogScan::SyslogEntry.pm?  Does some of the
> work for you.  Most useful if you scan different kinds of logs and
> would like to use the same interface.
No - I have not - but would be a good idea it seems.  I find it hard
at time to keep up with number of Perl modules that exist!

> (2) How do you get the connections logged by syslog?  I've tried
> various combinations of 'syslog level' and 'syslog only' and can't
> seem to pull it off. 

Well I do have a slight mod to use AUTH facility for logging connections.
But that is purely for local convention.
But I have (for Solaris):

# get syslog to see right stuff
    syslog = 2

(syslog only is left at default of no).

Note the new utmp stuff offers another route for aggregating usage statitics.

| Peter Polkinghorne, Computer Centre, Brunel University, Uxbridge, UB8 3PH,|
| Peter.Polkinghorne at brunel.ac.uk   +44 1895 274000 x2561       UK          |

More information about the samba mailing list