On Fri, Apr 16, 2010 at 11:45 AM, David Miller <david3d at gmail.com> wrote:

> I recently ran across the Octopussy project which looks interesting. I
> haven't tried it out yet though. Can't say that I like the url too much
> either. http://www.8pussy.org/doku.php
> --
> David
>
> On Fri, Apr 16, 2010 at 11:38 AM, <rainer at ultra-secure.de> wrote:
>
>> > Hi
>> >
>> > I am using rsyslog to get logs to a central box and they are stored in
>> > the format of
>> >
>> > /<hostname>/<year>/<month>/<day>/<logfilename>
>> >
>> > I need a solution that can trawl through these directories and pick up
>> > exceptions like failed logons and sudo usage, that sort of thing.
>> >
>> > Has anyone got any clues as to what might help to achieve this? I am
>> > looking into logsurfer but not sure if this handles the directory
>> > structure nicely.
>> >
>> > Thanks for any tips
>>
>> Good question.
>> How many servers do you have to collect logs from?
>>
>> I'd like to hear of people who have used both Splunk and/or prelude in an
>> environment with, say, 500<x<1000 servers, for collection of logs and can
>> voice a few opinions.
>>
>> The problem, as the author recognizes, is not collection but retrieval and
>> processing (a cron-job that deletes them periodically does not qualify as
>> "processing"...).
>>
>> Rainer

Doh, sorry for the top post. Need to pay more attention to that with gmail.

--
David
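
An added example, not part of the original thread: one way to trawl the /<hostname>/<year>/<month>/<day>/<logfilename> layout described above for failed logons and sudo usage. The sshd and sudo message formats, the file name `secure`, and the hosts web01 and db01 are assumptions, and the sample log lines are constructed.

```python
import os
import re
import tempfile
from collections import Counter

# Assumed message formats: stock OpenSSH and sudo lines as written by syslog.
PATTERNS = {
    "failed_login": re.compile(
        r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+)"),
    "sudo": re.compile(r"sudo(?:\[\d+\])?:\s+(?P<user>\S+) : .*COMMAND=(?P<cmd>.+)$"),
}

def scan_tree(root):
    """Yield one dict per matching line under root/<hostname>/<year>/<month>/<day>/."""
    for dirpath, _dirs, files in os.walk(root):
        parts = os.path.relpath(dirpath, root).split(os.sep)
        if len(parts) != 4:          # only day-level directories hold log files
            continue
        host, year, month, day = parts
        for name in sorted(files):
            with open(os.path.join(dirpath, name), errors="replace") as fh:
                for line in fh:
                    for kind, rx in PATTERNS.items():
                        m = rx.search(line)
                        if m:
                            yield {"host": host, "date": f"{year}-{month}-{day}",
                                   "file": name, "kind": kind, **m.groupdict()}

def summarize(root):
    """Count events per (host, kind) so noisy hosts stand out."""
    return Counter((e["host"], e["kind"]) for e in scan_tree(root))

def build_sample_tree(root):
    """Write constructed sample logs (hypothetical hosts web01 and db01)."""
    samples = {
        "web01": ["Apr 16 11:01:02 web01 sshd[2211]: Failed password for invalid user admin from 192.0.2.10 port 4242 ssh2",
                  "Apr 16 11:01:09 web01 sshd[2211]: Failed password for root from 192.0.2.10 port 4243 ssh2",
                  "Apr 16 11:02:13 web01 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/sbin/service httpd restart",
                  "Apr 16 11:03:00 web01 sshd[2300]: Accepted password for alice from 192.0.2.20 port 5000 ssh2"],
        "db01": ["Apr 16 09:15:44 db01 sshd[901]: Failed password for bob from 192.0.2.30 port 6000 ssh2"],
    }
    for host, lines in samples.items():
        day_dir = os.path.join(root, host, "2010", "04", "16")
        os.makedirs(day_dir)
        with open(os.path.join(day_dir, "secure"), "w") as fh:
            fh.write("\n".join(lines) + "\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(dict(summarize(tmp)))
```

Because host and date come from the directory path rather than the syslog line, a host that forges the hostname field in its own messages is still attributed to the directory rsyslog filed it under.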