[CentOS] resource efficient log scanning tools
Nataraj
incoming-centos at rjl.com
Fri Jun 8 23:53:31 UTC 2012
On 06/08/2012 02:48 PM, Steven Tardy wrote:
> simple-evcorr.sourceforge.net (sec.pl)
> the rules are a bit of a bear to learn, but it can do anything.
> 300 syslogs/second using ~5% cpu and 20MB of ram with 600+ rules.
>
> On 06/08/2012 04:26 PM, Nataraj wrote:
>> I'm looking for a logfile scanner that can search for regular
>> expressions in logfiles and send immediate email notifications. I'd
>> like to try to find something that doesn't use huge amounts of memory.
>> I'm currently running fail2ban and used it to do some of this scanning,
>> but I'm finding that it can suck up memory and CPU resources when there
>> is a lot of logging going on.
>>
>> I am aware of swatch, but most people say that it is pretty resource
>> intensive as well. I came across logsurfer in a Google search and was
>> wondering if anyone has experience with it or what other good
>> alternatives might exist.
>>
>> While fancy features are nice, I'm willing to forgo them for lower
>> resource consumption.
>>
>> Thanks,
>> Nataraj
Thank you. sec looks like a useful tool. I will try it.
Nataraj