From: gentuxx
Date: Mon, 21 Aug 2006 20:53:36 -0700
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Practical log reviewing
Message-ID: <44EA7FC0.50902@gmail.com>
In-Reply-To: <49bf44f10608212018s696cca9do2ecab8a74e85fd46@mail.gmail.com>

Grant wrote:
> Does anyone know of a practical way to review all the various logs on
> the system each day? Does it just come down to a brisk scroll through
> the previous day's rotated logs?
>
> - Grant

Depending on what your requirements are, try OSSEC-HIDS (www.ossec.net).
I've been using it for a couple weeks now and it's pretty handy. The
longer I use it, the more I add to it, the better it is. Unfortunately
there isn't an ebuild for it (yet). But it's really easy to install.
Plus it does a lot more than just log monitoring.

As far as other tools that might be available, you could try swatch or
any of the other plethora of tools that are out there. It really depends
on why you want to review your logs: curiosity? security? regulation
compliance?

--
gentux
echo "hfouvyyAhnbjm/dpn" | perl -pe 's/(.)/chr(ord($1)-1)/ge'

gentux's gpg fingerprint ==> 5495 0388 67FF 0B89 1239 D840 4CF0 39E2 18D3 4A9E