From mboxrd@z Thu Jan 1 00:00:00 1970 X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/1161 Path: news.gmane.org!not-for-mail From: Vincent Danen Newsgroups: gmane.comp.sysutils.supervision.general Subject: monitoring svlogd-produced logfiles Date: Wed, 14 Jun 2006 17:35:08 -0600 Organization: Annvix Message-ID: <20060614233508.GP898@annvix.org> NNTP-Posting-Host: main.gmane.org Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="wJnDPJhqGGlzIm5V" X-Trace: sea.gmane.org 1150328155 30220 80.91.229.2 (14 Jun 2006 23:35:55 GMT) X-Complaints-To: usenet@sea.gmane.org NNTP-Posting-Date: Wed, 14 Jun 2006 23:35:55 +0000 (UTC) Original-X-From: supervision-return-1397-gcsg-supervision=m.gmane.org@list.skarnet.org Thu Jun 15 01:35:52 2006 Return-path: Envelope-to: gcsg-supervision@gmane.org Original-Received: from antah.skarnet.org ([212.85.147.14]) by ciao.gmane.org with smtp (Exim 4.43) id 1Fqetl-0006D8-71 for gcsg-supervision@gmane.org; Thu, 15 Jun 2006 01:35:45 +0200 Original-Received: (qmail 29749 invoked by uid 76); 14 Jun 2006 23:36:05 -0000 Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Archive: Original-Received: (qmail 29743 invoked from network); 14 Jun 2006 23:36:05 -0000 Original-To: supervision@list.skarnet.org Content-Disposition: inline X-Mailer: Mutt 1.5.x/OS X 10.4.x X-PGP-Key: http://linsec.ca/vdanen.asc X-URL: http://annvix.org/ User-Agent: Mutt/1.5.10i X-SA-Exim-Connect-IP: 68.149.37.7 X-SA-Exim-Mail-From: vdanen@annvix.org X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on hades.annvix.org X-Spam-Level: X-Spam-Status: No, score=-1.4 required=6.0 tests=ALL_TRUSTED autolearn=ham version=3.1.0 X-SA-Exim-Version: 4.2 (built Wed, 01 Feb 2006 18:29:36 -0700) X-SA-Exim-Scanned: Yes (on hades.annvix.org) Xref: news.gmane.org gmane.comp.sysutils.supervision.general:1161 Archived-At: --wJnDPJhqGGlzIm5V Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Quick question here... is anyone using anything like swatch or SEC to parse/monitor svlogd-produced logfiles? I'm having some issues with tail where it won't follow ./current when it rotates, which is causing me some grief. I ended up solving it to some extent using the perl File::Tail module with swatch, but I'm not overly satisfied with the results, because swatch will now only let me monitor a single logfile rather than two (my catchall log and the kernel log from socklog), and on my loghost I need it to look at probably a dozen logs. So I'm looking for a good alternative that properly follows ./current (or reloads it on rotation) and can handle multiple logfiles. There's a whole bunch of different programs out there so I'm hoping that someone can share what they're using to save me some time. I'm currently looking at SEC, and it seems quite powerful. The other thing I was considering was to see if I could make svlogd write to one end of a named pipe and have the log watcher on the end, avoiding disk writes completely (and let the log watcher write "summarized" logs). This would be a benefit when having two "*.*" services, one writing the logs and the other writing them to the named pipe. But I'm not sure if named pipes are exclusive, i.e. can I have multiple svlogd processes writing to the same named pipe at the same time? Ideally, the log watcher should be able to run supervised as well because although I'd like to watch it realtime (I like swatch's colorized output), I'd like it to also write the "summary" log as well, which would be retained for a longer period of time than the standard logs. Any suggestions? Thanks in advance. --=20 {FEE30AD4 : 7F6C A60C 06C2 4811 FA1C A2BC 2EBC 5E32 FEE3 0AD4} mysql> SELECT * FROM users WHERE clue > 0; Empty set (0.00sec) :: Annvix - Secure Linux Server: http://annvix.org/ :: --wJnDPJhqGGlzIm5V Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (Darwin) iD8DBQFEkJ0sLrxeMv7jCtQRApuhAKCnGbzw2G9LnQkNHuJw6v5qJff11QCglMsD e5YCOGtlSiiT6Esd5PANCi0= =oLno -----END PGP SIGNATURE----- --wJnDPJhqGGlzIm5V--