On Fri, Mar 22, 2002 at 08:47:07AM -0600, DACross at nwc.edu wrote: > Does anyone have any recommendations for log analysis? We're planning to > have one Linux machine collect syslog data for a number of servers but we > need something to weed through the VERY large log files that will be > generated. Although I'm not sure what level of "analysis" you want, I use logcheck in a similar setup. It sifts through ~1M/day of logs for me and emails reports of anything that looks odd. ("Odd" being defined by a bunch of regexes that enumerate "normal" activity.) Not real sopihsticated, but a good starting point in any case. -- When we reduce our own liberties to stop terrorism, the terrorists have already won. - reverius Innocence is no protection when governments go bad. - Tom Swiss