Collection of regexps to parse syslog logfiles

marvi has asked for the wisdom of the Perl Monks concerning the following question:

I'm doing some auditing of syslog logfiles from Linux/UNIX hosts and routers. Do anyone of you know of a site that collects these kind of patterns for reuse? I don't believe I'm the first one doing this. :)

Comment on Collection of regexps to parse syslog logfiles

Replies are listed 'Best First'.
Re: Collection of regexps to parse syslog logfiles by zigdon (Deacon) on Oct 02, 2002 at 12:59 UTC
Take a look at logwatch - it's written in perl, and seems to do exactly what you want to do. I'm sure they'll be happy to get more regexps. -- Dan	[reply]
Re: Re: Collection of regexps to parse syslog logfiles by marvi (Sexton) on Oct 03, 2002 at 08:01 UTC
I already have a framwork that does the parsning of the logs. But I can extract som information from http://cvs.autorpm.org/index.cgi/logwatch/scripts/services/ that can be useful for me. I still think it would be a nice thing to have a list of "standalone" regular expressions on a site, or perhaps in a CPAN module?	[reply]
Re: Collection of regexps to parse syslog logfiles by Steve_p (Priest) on Oct 02, 2002 at 13:07 UTC
You could always use Parse::Syslog in a script to audit your syslog.	[reply]
Re: Collection of regexps to parse syslog logfiles by rir (Vicar) on Oct 02, 2002 at 14:16 UTC
There is also the Linux/Unix tool logcheck which has some 'typical' config files that are sets of patterns.	[reply]
Re: Re: Collection of regexps to parse syslog logfiles by marvi (Sexton) on Oct 03, 2002 at 08:25 UTC
Not really regexps, but valuble anyhow.	[reply]