Thread: A little question about logs.

  1. #1
    Senior Member
    Join Date
    Jun 2004
    Posts
    112

    A little question about logs.

    I don't have a large amount of users on my system (I am the only one). My computer is also not mission critical. So why should I worry about the logs on my system? Simple: when something does go wrong, as it will in most cases, you will know a little bit about what happened and maybe even the reason why. I know this much, but I was wondering if there are any programs that will help me in viewing the logs a little bit easier and make them a bit less cryptic. Also, does anyone know any good tutorials/books on the subject of log analysis? Thx for the time and the help.

  2. #2
    Senior Member
    Join Date
    Jun 2004
    Posts
    460
    Typically what I do (because part of my job is to troubleshoot what is going wrong with my servers) is use the event viewer -- which I know is not pretty.

    When I look, I just look for warnings and errors, then get the event ID and go to http://www.eventid.net/. By entering the event ID there, I am able to look up more detailed info...

    Probably not exactly what you are looking for, but your best bet (rather than getting a book) is using the website

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Well, with no mention of your OS it is hard to really say, though in Windows the event log and the number is a good start. If it is Linux, then learn about both tail switches and grep. Lots of Google links on those two. In short, in a general log you can filter to see events you define. But I am an old guy, forgot most of the Nix stuff and am refreshing myself.
    I believe that one of the characteristics of the human race - possibly the one that is primarily responsible for its course of evolution - is that it has grown by creatively responding to failure.- Glen Seaborg
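
The tail and grep filtering suggested in post #3, as an added example that is not part of any post in this thread: it pulls the events you define out of a classic syslog-format file and summarizes them. The sample log lines, hostname and function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in classic syslog format (not real log data).
make_sample_log() {
    cat > "$1" <<'EOF'
Jun 14 09:12:01 darkstar crond[412]: (root) CMD (run-parts /etc/cron.hourly)
Jun 14 09:14:37 darkstar sshd[1021]: Failed password for root from 192.0.2.10 port 4021 ssh2
Jun 14 09:14:41 darkstar sshd[1021]: Failed password for root from 192.0.2.10 port 4022 ssh2
Jun 14 09:15:02 darkstar kernel: eth0: link down
Jun 14 09:15:09 darkstar kernel: eth0: link up
Jun 14 09:20:55 darkstar sshd[1040]: Accepted password for alice from 198.51.100.7 port 5110 ssh2
Jun 14 09:31:18 darkstar su[1102]: FAILED SU (to root) alice on /dev/pts/1
Jun 14 09:40:00 darkstar sshd[1133]: Failed password for invalid user test from 203.0.113.5 port 3301 ssh2
EOF
}

# filter_events LOGFILE N REGEX
# Show only the events you define among the last N lines (case-insensitive).
filter_events() {
    tail -n "$2" "$1" | grep -E -i -- "$3"
}

# count_by_program LOGFILE REGEX
# Count matching lines per program (field 5 with "[pid]:" or ":" stripped).
count_by_program() {
    grep -E -i -- "$2" "$1" |
        awk '{ p = $5; sub(/\[[0-9]+\]:$/, "", p); sub(/:$/, "", p); n[p]++ }
             END { for (p in n) print n[p], p }' |
        sort -k1,1nr -k2
}

# failed_ssh_sources LOGFILE
# Failed SSH logins per source address. The greedy ".*" anchors on the LAST
# " from ... port" pair, so a username containing " from " cannot shift the match.
failed_ssh_sources() {
    grep -E 'sshd\[[0-9]+\]: Failed password' "$1" |
        sed -E 's/.* from ([^ ]+) port .*/\1/' |
        sort | uniq -c | sort -k1,1nr | awk '{ print $1, $2 }'
}

# Demo run on the constructed sample.
log=$(mktemp)
make_sample_log "$log"
filter_events "$log" 5 'fail|error|denied'
count_by_program "$log" 'fail'
failed_ssh_sources "$log"
rm -f "$log"
```

On a live system the same functions can be pointed at the real log file, and `tail -f FILE | grep -E -i REGEX` follows new events as they are written.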

  4. #4
    You don't mention your OS so I'll include various here...

    Commercial:
    * For Windows systems: Monilog http://www.monilog.com/
    * MonitorWare who makes Monilog has many commercial logging products: http://www.monitorware.com/en/

    Free/Open Source:
    * Web logs: The Webalizer, http://www.mrunix.net/webalizer/
    - Multiple platforms
    * Simple event correlator: SEC Perl script, http://sourceforge.net/projects/simple-evcorr/

    EXCELLENT LOGGING SITE:
    * http://www.loganalysis.org/
    Go to the Library section. Talk about drinking from a firehose!

    This might not match what you're looking for, but check out the LogAnalysis.com site for great papers/resources to find the topic you're looking for.

    Enjoy!

  5. #5
    Senior Member
    Join Date
    Jun 2004
    Posts
    112
    Ahh, I am sorry. I run Slackware 9.1. Thank you sooo much for the links rico. Palemoon, I feel like an idiot, I didn't even think of grep. Thx for the answers guys.


    <edit> I did some searching on my own and found a great paper on logging in *nix.</edit>

    http://www.cs.colorado.edu/%7Etor/sa...sc/syslog.html

  6. #6
    Senior Member
    Join Date
    Apr 2002
    Posts
    889
    Is ok, I have my Dah moments more often sooner than later nowadays.
