| K.S. Bhaskar on 23 Mar 2011 14:38:37 -0700 |
[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]
| Re: [PLUG] Is there a better name for... |
So you want an intelligent logcheck? Why not logczech? [Ducks for cover...] Regards -- Bhaskar On Wed, Mar 23, 2011 at 4:23 PM, JP Vossen <jp@jpsdomain.org> wrote: > ...a "log check"? > > I've talked about this before, there is a package in Debian & Ubuntu, and a > project site: > * logcheck - mails anomalies in the system logfiles to the administrator > * http://logcheck.org/ > > The idea is simple at a high level and works really well, though there can > be implementation gotchas. > > You take your logs, or output, or whatever and: > 1) Remove stuff you recognize and don't care about > 2) Find stuff you *know* is bad, but then remove stuff that only *looks* bad > 3) Take the remainder > > So you end up with 2 buckets: > A) Stuff you know is bad > B) Stuff you don't recognize (so either it's bad or you tune it out) > > Then over time you tune your patterns (usually regular expressions) to > reduce "B." > > This turns out to be really useful for log monitoring, or handling the > output from long noisy processes (like compiles that don't set good exit > codes). > > To the best of my knowledge [1], Marcus J. Ranum and Fred Avolio wrote the > oldest implementation in this context with the 'frequentcheck.sh' script for > TIS Gauntlet, circa early 1990's. ÂBut it seems like it should be a basic > sort of "Computer Science" thing, related to filtering or something. ÂSo, > can anyone think of a better name and/or older example for this process or > concept? > > > Thanks, > JP > ____________________ > Footnote: > [1] http://logcheck.org/docs/README-psionic > ----------------------------|:::======|------------------------------- > JP Vossen, CISSP      Â|:::======|   Âhttp://bashcookbook.com/ > My Account, My Opinions   |=========|   Âhttp://www.jpsdomain.org/ > ----------------------------|=========|------------------------------- > "Microsoft Tax" = the additional hardware & yearly fees for the add-on > software required to protect Windows from its own poorly designed and > implemented self, while the overhead incidentally flattens Moore's Law. > ___________________________________________________________________________ > Philadelphia Linux Users Group     --    Âhttp://www.phillylinux.org > Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce > General Discussion Â--  http://lists.phillylinux.org/mailman/listinfo/plug > -- Windows does to computers what smoking does to humans ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug