You are asking a very general question about an extremely complicated subject.

I'd point you toward a reference like "Perl for System Administration" which has a chapter dedicated to log analysis. And loook in CPAN.