nanog mailing list archives

Re: improving signal to noise ratio from centralized network syslogs


From: John Kougoulos <john.kougoulos () gmail com>
Date: Tue, 6 Feb 2018 13:03:45 +0100

On Mon, Feb 5, 2018 at 9:27 PM, James Bensley <jwbensley () gmail com> wrote:

On 5 February 2018 at 18:57,  <valdis.kletnieks () vt edu> wrote:
On Mon, 05 Feb 2018 10:49:42 -0800, "Scott Weeks" said:
I have no knowledge of syslog-ng.  Does it do the
real time scrolling like I mention?

Use 'tail -f' or similar.

The only problem with BASH based solutions is that they are
slow. They don't scale well.

Some years ago I wrote a script that would periodically (every 5
minutes by default) grep for interesting events / filter uninteresting
events from the syslog file and email you the results. It's here if
anyone is interested: https://null.53bits.co.uk/index.php?page=sysgrep




Last year I found the time to code something similar in Perl using
File::Tail, here is the outcome in case anyone is interested:
https://github.com/jkougoulos/9to5tail


Regards,
John

