[OT] splunk alternatives

Wilkinson, Alex alex.wilkinson at dsto.defence.gov.au
Tue Apr 10 12:24:39 CST 2007


    On Tue, Apr 10, 2007 at 11:46:39AM +0930, Shane wrote:

    >Hey All,
    >
    >For anyone unfamiliar with splunk, it's "an enterprise-level search tool
    >that can index logs and IT data, including server events, network
    >events, and application events from one or more servers or network
    >devices."  http://splunk.com
    >
    >Anyhoo been messing with it a bit and it's pretty cool / handy for
    >consolidating multiple server and network devices logs into a single
    >point for searching etc. The annoying part is all of its really cool /
    >powerful features are only available in the pro edition which I can't
    >get purchase approval for so my question is, does anyone know of any
    >good alternatives to splunk, preferably of the open source / free so
    >that we can both use and modify the tool as needed?

Lire:

   Lire, the French word for `to read', is a toolset of logfile analysers.

   The Lire package is targeted at automatically generating useful
   reports from raw log files from various services. Currently, Lire
   can generate reports for a variety of email, web, dns, ftp, print
   servers and firewalls, and supports multiple output formats.

   Lire is built around the concept of a superservice. A superservice
   is a class of applications which share the same reports. Lire
   supports 6 superservices: dns, email, firewall, ftp, print and www.
   This means that log files for all supported email servers (service
   in Lire's parlance) will get similar reports. This is important for
   heterogeneous environments where you could have e.g. Sendmail and
   Postfix mail servers running. You will get similar reports which
   you can compare.

   Notes:
   - PDF output can be enabled if you follow the instructions coming
     with "make pdf"
   - Excel output only works if you have Perl 5.6.1

   WWW: http://www.logreport.org


 -aW

More information about the linuxsa mailing list