On Fri, Mar 22, 2002 at 08:47:07AM -0600, DACross at nwc.edu wrote:
> Does anyone have any recommendations for log analysis? We're planning to
> have one Linux machine collect syslog data for a number of servers but we
> need something to weed through the VERY large log files that will be
> generated.

Although I'm not sure what level of "analysis" you want, I use
logcheck in a similar setup.  It sifts through ~1M/day of logs for me
and emails reports of anything that looks odd.  ("Odd" being defined
by a bunch of regexes that enumerate "normal" activity.)  Not real
sopihsticated, but a good starting point in any case.

-- 
When we reduce our own liberties to stop terrorism, the terrorists
have already won. - reverius

Innocence is no protection when governments go bad. - Tom Swiss