This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Log file reading

Hi all,
my problem in only 4 days i have kernel-logs wich are unzipped have a size of more than 1GByte yes right more than 1000 MByte Logfiles in only 4 Days. (friday to monday)
i found out that two of the clients wich made many of these logging are infected with lovesan. the firewall where this problem exists is on my RemoteAccessSystem so i must find out wich of my over 250 clients wich are all over the world maybe infected too.

So now my question out of this :

has anyone a tool to make the reading of this 1 gig of logfile easyer ???

please help

thanks
firebear

This thread was automatically locked due to age.

0 bergy over 21 years ago

there are ways to pass the logfiles on to a syslog server such as kiwi or iEQnetworks but I doubt that 1 GB is a volume any tool could make more readable. First thing to do is to reduce the logs, don't create a LOG DROP for everything but a DROP for broadcasts and things like lovesan...
Cancel
Vote Up 0 Vote Down

Cancel
0 firebear_01 over 21 years ago in reply to bergy

Hi,
thanks for the answer. But normaly the logfiles are zipped around 1 MB and if i filter all messages out i had never found that some clients have lovesan.

firebear
Cancel
Vote Up 0 Vote Down

Cancel