[122897] in North American Network Operators' Group
Re: log parsing tool?
daemon@ATHENA.MIT.EDU (gordon b slater)
Tue Feb 23 01:13:03 2010
X-IP-MAIL-FROM: gordslater@ieee.org
From: gordon b slater <gordslater@ieee.org>
To: "Dale W. Carder" <dwcarder@wisc.edu>
In-Reply-To: <1ADCCBD8-0CAF-4286-9220-C0C8BA62BB60@wisc.edu>
Date: Tue, 23 Feb 2010 06:12:37 +0000
Cc: nanog@nanog.org
Reply-To: gordslater@ieee.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, 2010-02-22 at 18:14 -0600, Dale W. Carder wrote:
> Take a look at SLCT, also by Risto Vaarandi:
>
> http://ristov.users.sourceforge.net/slct/
>
> SLCT can parse huge amounts of logs very fast. We use it to
> crunch firewall logs and also to find ports that are flapping
> excessively.
+1, SLCT definitely finds the needles in haystacks of huge syslog files
Gord
--
best viewed in mailx
