Package suggestion: Epylog
skvidal at phy.duke.edu
Sat Sep 27 05:25:57 UTC 2003
On Sat, 2003-09-27 at 01:21, Wil Cooley wrote:
> On Fri, 2003-09-26 at 17:17, Konstantin Riabitsev wrote:
> > The largest win, in my opinion, is its usefulness in large cluster
> > installations, where logwatch simply doesn't "cut it." Other things I
> > consider just bonuses.
> I'm going to have to look at this, since this is one of the most
> bothersome missing features of LogWatch, logcheck, and pflogsumm.
To give you some idea of how much it reduces.
We have 230 systems logging to one loghost. The loghost runs syslog-ng.
nothing special being done with syslog-ng, really. epylog parses logs
once an hour b/t 9am and 9pm and once at 4am.
Our average log report is about 19-30K
it's tidy, it summarizes the info you want to see, and shows you the
aberrations at the end of the report.
We've caught more weirdness b/c it has reduced the crap we don't need to
More information about the devel