[165312] in North American Network Operators' Group
Re: Parsing Syslog and Acting on it, using other input too
daemon@ATHENA.MIT.EDU (Kevin Stone)
Thu Aug 29 09:20:23 2013
In-Reply-To: <CAGpNY1FAkwy6kpnxrMZXNS69=36BBdhxdrsehGWXVg7k3-ycSg@mail.gmail.com>
Date: Thu, 29 Aug 2013 09:17:48 -0400
From: Kevin Stone <kstone@inetlabs.net>
To: Jason Biel <jason@biel-tech.com>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Look at Logstash, http://logstash.net.
Rsyslog can do a bit; on Windows you could look at the SolarWinds Kiwi
syslog server.

On Thu, Aug 29, 2013 at 9:10 AM, Jason Biel <jason@biel-tech.com> wrote:
> You should look into SPLUNK (http://www.splunk.com/), it will collect/store
> your syslog data and you can run customized reports and then act on them.
>
>
> On Thu, Aug 29, 2013 at 8:03 AM, Kasper Adel <karim.adel@gmail.com> wrote:
>
> > Hello.
> >
> > I am looking for a way to do proactive monitoring of my network, what I am
> > specifically thinking about is receiving syslog msgs from the routers and
> > the backend engine would correlate certain msgs with output/data that I am
> > receiving through SSH/telnet sessions. What I am after is not exposed to
> > SNMP so I need to do it on my own.
> >
> >
> > I am sure there are many tools that can do parsing of syslog and acting
> > upon it but I wonder if there is something more flexible out there that I
> > can just re-use to do the above? Please point me to known public or
> > home-grown scripts in use to achieve this.
> >
> > Regards,
> >
> > Sam
> >
>
>
>
> --
> Jason
>