List: sidewinder
Subject: RE: [Sidewinder] parsing log files for information
From: sidewinder-admin () adeptech ! com
Date: 2002-09-16 22:44:48
Thanks for all the replies....
I've found a reporting company called at http://www.wavecrestcomputing.com/
that claims to create reports on
Sidewinder logs. I've spent all day trying to make it work with no luck.
Has anyone else been able to make this Cyfin product work with Sidewinder
logs? I've tried the exported WebTrends formatted data as well as the
Sidewinder Export Format SEF with no results.
Andrew
-----Original Message-----
From: sidewinder-admin@adeptech.com [mailto:sidewinder-admin@adeptech.com]
Sent: Thursday, September 12, 2002 5:07 PM
To: 'sidewinder@adeptech.com'
Subject: RE: [Sidewinder] parsing log files for information
You can use 'zgrep' as someone mentioned in a previous e-mail or you can use
a shell script similar to the following:
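#!/bin/sh
# Search every audit file under /var/log for a pattern.
# The glob replaces `ls` so that odd file names are not word-split.
for LOG in /var/log/audit.raw.*
do
    # Decompress to stdout, pass the stream through acat, then filter it
    gunzip -c "$LOG" | acat -a | grep whatever
done
# end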
Instead of using grep, I usually use a Perl script to sift through audit
data. If you have a specific need, I might have a script to do what you
want. Feel free to e-mail me directly instead of spamming the whole list.
Since Sidewinder has a fairly complete set of audit data within its audit
database, you could also develop your own reports with the new 'cf report'
mechanism or use SQL directly.
Randy Blahut
randall.blahut@langley.af.mil
-----Original Message-----
From: sidewinder-admin@adeptech.com [mailto:sidewinder-admin@adeptech.com]
Sent: Tuesday, September 10, 2002 1:27 PM
To: 'sidewinder@adeptech.com'
Subject: [Sidewinder] parsing log files for information
Every morning I have Sidewinder 5.2 dump a copy of its daily logs to a file
server in WebTrends format. The only problem is that I do not have
WebTrends. Are there any other packages that are out there for reporting on
these log files? (that are cheap or free)
Also, I've done Unix admin for a while but no scripting. Does anyone know
how I can perform a grep on a series of gzip files without having to
manually unzip them one at a time?
Thanks everyone.
R. Andrew Penney MCSE CET
Sr. Network Analyst
Saskatchewan Health
Corporate Information and Technology Branch
TC Douglas Bldg., 2nd Floor
3475 Albert Street
Regina SK S4S 6X6
Ph. 306.787.0212
Fax. 306.787.7589
Eat one live toad the first thing
in the morning and nothing worse
will happen to you the rest of
the day.
_____
This e-mail message is made entirely of the freshest hand-picked electrons.
_____
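
A more defensive take on the loop from the quoted reply, as an added example that is not part of the original thread: it prefixes each hit with the file it came from and reports archives that fail a gzip integrity test instead of searching them partially. The function name, FILTER_CMD hook and sample log lines are assumptions made for illustration; on a Sidewinder host FILTER_CMD would be set to "acat -a" as in the reply.

```shell
#!/bin/sh
# Added example: search gzip-compressed logs and report which file each hit came from.
# FILTER_CMD is an assumed hook: "acat -a" on a Sidewinder host (as in the quoted
# script), plain "cat" anywhere else so the function can be tried on any gzip file.
FILTER_CMD=${FILTER_CMD:-cat}

# search_logs PATTERN FILE...
# Prints "FILE: line" per match. Returns 0 if something matched, 1 if nothing
# matched, 2 if at least one file was unreadable or not valid gzip.
search_logs() {
    pattern=$1
    shift
    found=1
    failed=0
    for log in "$@"; do
        # Test the archive first: a truncated or corrupt log is reported
        # instead of being silently searched only up to the damage.
        if ! gzip -t 2>/dev/null < "$log"; then
            echo "skipped (unreadable or not gzip): $log" >&2
            failed=1
            continue
        fi
        # -e keeps a pattern beginning with '-' from being parsed as an option.
        if out=$(gzip -dc < "$log" | $FILTER_CMD | grep -e "$pattern"); then
            printf '%s\n' "$out" | while IFS= read -r line; do
                printf '%s: %s\n' "$log" "$line"
            done
            found=0
        fi
    done
    [ "$failed" -eq 1 ] && return 2
    return "$found"
}

# Constructed sample data (not real Sidewinder audit output).
demo_dir=$(mktemp -d)
printf 'Sep 10 08:01 deny tcp 10.0.0.5\nSep 10 08:02 allow udp 10.0.0.6\n' |
    gzip -c > "$demo_dir/audit.raw.1"
printf 'Sep 11 09:15 deny udp 10.0.0.7\n' | gzip -c > "$demo_dir/audit.raw.2"
search_logs deny "$demo_dir"/audit.raw.*
rm -rf "$demo_dir"
```

A return code of 2 matters for audit review: it means the result set is incomplete, which a plain grep loop would not reveal.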