[165311] in North American Network Operators' Group
Re: Parsing Syslog and Acting on it, using other input too
daemon@ATHENA.MIT.EDU (Dobbins, Roland)
Thu Aug 29 09:17:05 2013
From: "Dobbins, Roland" <rdobbins@arbor.net>
To: NANOG list <nanog@nanog.org>
Date: Thu, 29 Aug 2013 13:14:48 +0000
In-Reply-To: <CALb2afPc4RRZ8XP57iwcPQbz6ARFsdvb2FgzUHRHoP+viD8zhQ@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Aug 29, 2013, at 8:03 PM, Kasper Adel wrote:
> I am sure there are many tools that can do parsing of syslog and acting u=
pon it but i wonder if there is something more flexible out there that I ca=
n just re-use to do the above ?
<http://simple-evcorr.sourceforge.net/>
<http://www.splunk.com/>
If network traffic is of interest, don't forget about flow telemetry like N=
etFlow and/or IPFIX.
-----------------------------------------------------------------------
Roland Dobbins <rdobbins@arbor.net> // <http://www.arbornetworks.com>
Luck is the residue of opportunity and design.
-- John Milton
