K.S. Bhaskar on 23 Mar 2011 14:38:37 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Is there a better name for...

So you want an intelligent logcheck?  Why not logczech?  [Ducks for cover...]

-- Bhaskar

On Wed, Mar 23, 2011 at 4:23 PM, JP Vossen <jp@jpsdomain.org> wrote:
> ...a "log check"?
> I've talked about this before, there is a package in Debian & Ubuntu, and a
> project site:
> * logcheck - mails anomalies in the system logfiles to the administrator
> * http://logcheck.org/
> The idea is simple at a high level and works really well, though there can
> be implementation gotchas.
> You take your logs, or output, or whatever and:
> 1) Remove stuff you recognize and don't care about
> 2) Find stuff you *know* is bad, but then remove stuff that only *looks* bad
> 3) Take the remainder
> So you end up with 2 buckets:
> A) Stuff you know is bad
> B) Stuff you don't recognize (so either it's bad or you tune it out)
> Then over time you tune your patterns (usually regular expressions) to
> reduce "B."
> This turns out to be really useful for log monitoring, or handling the
> output from long noisy processes (like compiles that don't set good exit
> codes).
> To the best of my knowledge [1], Marcus J. Ranum and Fred Avolio wrote the
> oldest implementation in this context with the 'frequentcheck.sh' script for
> TIS Gauntlet, circa early 1990's. ÂBut it seems like it should be a basic
> sort of "Computer Science" thing, related to filtering or something. ÂSo,
> can anyone think of a better name and/or older example for this process or
> concept?
> Thanks,
> JP
> ____________________
> Footnote:
> [1] http://logcheck.org/docs/README-psionic
> ----------------------------|:::======|-------------------------------
> JP Vossen, CISSP Â Â Â Â Â Â|:::======| Â Â Âhttp://bashcookbook.com/
> My Account, My Opinions   |=========|   Âhttp://www.jpsdomain.org/
> ----------------------------|=========|-------------------------------
> "Microsoft Tax" = the additional hardware & yearly fees for the add-on
> software required to protect Windows from its own poorly designed and
> implemented self, while the overhead incidentally flattens Moore's Law.
> ___________________________________________________________________________
> Philadelphia Linux Users Group     --    Âhttp://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion Â-- Â http://lists.phillylinux.org/mailman/listinfo/plug

Windows does to computers what smoking does to humans
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug