[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

improving signal to noise ratio from centralized network syslogs

Subject: improving signal to noise ratio from centralized network syslogs
From: surfer at mauigateway.com (Scott Weeks)
Date: Mon, 5 Feb 2018 10:55:27 -0800


--- shane at short.id.au wrote:

In addition to that, you can use some fancy awk colour 
coding, so you can make it highlight certain lines based 
on content.. I use this for my e-mail logs, but Iâ??m sure 
it could be adapted:

tail -n 1000 -f /var/log/mail-submission.log | grep smtp.*relay | awk '
    /sent/ {print "\033[32m" $0 "\033[39m"}
    /bounced/ {print "\033[31m" $0 "\033[39m"}
    /deferred/ {print "\033[33m" $0 "\033[39m"}
----------------------------------------------------


The main thing for me is to find things that 
your network is doing that you weren't aware 
of.  Not normal things you want to see that 
a monitoring system will alert you about.

scott

Prev by Date: improving signal to noise ratio from centralized network syslogs
Next by Date: improving signal to noise ratio from centralized network syslogs
Previous by thread: improving signal to noise ratio from centralized network syslogs
Next by thread: RADB - aut-num policy question
Index(es):
- Date
- Thread