innpeer-stats [was: Re: innd logging conventions]
Matus "fantomas" Uhlar
uhlar at fantomas.sk
Fri Dec 29 13:11:10 UTC 2000
-> > Well my current work is based on analyzing what syslog output means, not
-> > producing output. We will probably put data SQL into database and making
-> > graphs etc isn't my work now. I need to analyse output in meaning what each
-> > line means and that's why I want to have logs that can be easily
-> > processed...
-> waoo.. Looks ambitious to me. You mean *all* lines produced by a U*ix box ?
well it's also possible. But the main reason is store all logs in format
where are they easily accessible and can be easily and quickly queried on
many different conditions. That what I need/wans from daemons, is to log in
format that is (probably easily) converted to the database wihchout big
the format should be of type "msgtype arguments" and arguments should be
easily separatable from the log line... so 188.8.131.52 is better then
"184.108.40.206", "connect from ip" is better then "connect(ip)" etc
The reason is that logs processing can be done in perl, C or whatever anyone
wants, and in any case it should be as fast as possible
is not as easily processable as
Well, programs from inn package produce easily readable and processable
logs, except that thing I mentioned above (f:server etc)
If we change this, I'd recommend changind order of arguments... even if it
would break some scripts that cprocess logs (but they can be very easily
Matus "fantomas" Uhlar, sysadmin at NEXTRA, Slovakia; IRCNET admin of *.sk
uhlar at fantomas.sk ; http://www.fantomas.sk/ ; http://www.nextra.sk/
Windows found: (R)emove, (E)rase, (D)elete
Odchozí zpráva obsahuje viry.
Zkontrolováno antivirovým systémem AVG (http://www.grisoft.cz).
Verze: 6.0.217 / Virová báze: 102 - datum vydání: 1/12/2000
More information about the inn-workers