LinuxQuestions.org - what program do you use to analyze your logs ?

- Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)

- - what program do you use to analyze your logs ? (https://www.linuxquestions.org/questions/linux-general-1/what-program-do-you-use-to-analyze-your-logs-297871/)

what program do you use to analyze your logs ?

Hi,
I am using logwatch which sends an email every day with the logs of my server.
What I don't like about logwatch is that it doesn't send time stamped messages. For example I can't see when an event has occurred. Only that it has occurred....

Ex:
--------------------- SSHD Begin ------------------------

Failed logins from these:
XXX/password from ::ffff:192.168.60.1: 1 Time(s)

Users logging in through sshd:
YYYY:
server (192.168.60.1): 3 times

---------------------------------------------------------------

What do you use? I've heard about logcheck? Do you use it?

ddaas

You know you could probably hack at the logwatch scripts to include the timestamp.. ;)

I think its impossible :(
I am almost sure.
I've tried a lot to find out how...

If you find out please tell me how...

ddaas

Quote:

Originally posted by ddaas
I think its impossible :(
I am almost sure.
I've tried a lot to find out how...

If you find out please tell me how...

ddaas

Now why do you think its impossible? The scripts used are perl which read from the log files, it is possible and something you should look into further if your dying to have the timestamps in the output that is emailed to you.. ;)