[165319] in North American Network Operators' Group
Re: Parsing Syslog and Acting on it, using other input too
daemon@ATHENA.MIT.EDU (Gino O'Donnell)
Thu Aug 29 11:19:09 2013
Date: Thu, 29 Aug 2013 08:18:28 -0700
From: Gino O'Donnell <g@1337.io>
To: nanog@nanog.org
In-Reply-To: <CALb2afPc4RRZ8XP57iwcPQbz6ARFsdvb2FgzUHRHoP+viD8zhQ@mail.gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Check out Sagan: http://sagan.quadrantsec.com/
On 8/29/13 6:03 AM, Kasper Adel wrote:
> Hello.
>
> I am looking for a way to do proactive monitoring of my network, what I am
> specifically thinking about is receiving syslog msgs from the routers and
> the backend engine would correlate certain msgs with output/data that i am
> receiving through SSH/telnet sessions. What i am after is not exposed to
> SNMP so i need to do it on my own.
>
>
> I am sure there are many tools that can do parsing of syslog and acting
> upon it but i wonder if there is something more flexible out there that I
> can just re-use to do the above ? Please point me to known public or
> home-grown scripts in use to achieve this.
>
> Regards,
>
> Sam
>
