wanna be sys admin question

Predrag Punosevac-2
I am soliciting opinions and some guidance on a few very general sys admin
questions.

1. What do people in general use to parse large amount of log files
received in the form of e-mails?  security/logsurfer and similar. I have
seen some in the ports tree.

2. I just learned about www/racktables but it seems rather
complicated. Are there some simpler tools with similar functionality
which do not involve databases and web interfaces?

3. Are there any advantages of graphics/dia over general-purpose
vectorial graphics programs like graphics/inkscape for drawing network
topology?

Thanks,
Predrag

Re: wanna be sys admin question

MJ
On 07 Nov 2013, at 06:09, Predrag Punosevac <[hidden email]> wrote:

> I am soliciting opinions and some guidance on a few very general sys admin
> questions.
>
> 1. What do people in general use to parse large amount of log files
> received in the form of e-mails?  security/logsurfer and similar. I have
> seen some in the ports tree.

Perl. You won’t be much of a sysadmin if you don’t take the time to master perl.


> 3. Are there any advantages of graphics/dia over general-purpose
> vectorial graphics programs like graphics/inkscape for drawing network
> topology?

Sure, dia has things like network shapes and connection points already included.


Re: wanna be sys admin question

Jan Stary
On Nov 07 06:21:09, [hidden email] wrote:

> On 07 Nov 2013, at 06:09, Predrag Punosevac <[hidden email]> wrote:
>
> > I am soliciting opinions and some guidance on a few very general sys admin
> > questions.
> >
> > 1. What do people in general use to parse large amount of log files
> > received in the form of e-mails?  security/logsurfer and similar. I have
> > seen some in the ports tree.
>
> Perl. You won't be much of a sysadmin if you don't take the time to master perl.

awk, to avoid perl
<ducks>


Re: wanna be sys admin question

Stuart Henderson
In reply to this post by Predrag Punosevac-2
On 2013-11-07, Predrag Punosevac <[hidden email]> wrote:
> I am soliciting opinions and some guidance on a few very general sys admin
> questions.
>
> 1. What do people in general use to parse large amount of log files
> received in the form of e-mails?  security/logsurfer and similar. I have
> seen some in the ports tree.

Logs received in the form of emails? not sure... most things like this
usually prefer syslog or similar.

> 2. I just learned about www/racktables but it seems rather
> complicated. Are there some simpler tools with similar functionality
> which do not involve databases and web interfaces?

www/rackmonkey is simpler (which makes it rather restricted, but maybe
easier to get into..), though it does also have a web interface, and it
does use a database (how would you write this type of program without
some kind of database anyway? easier to use SQL than some homemade
flat-file thing).

Learning basic SQL is definitely a useful thing for a sysadmin IMO.

> 3. Are there any advantages of graphics/dia over general-purpose
> vectorial graphics programs like graphics/inkscape for drawing network
> topology?

I normally either use tgif (not a million miles from xfig, but I prefer
it), or abuse gns3 for this.. I tried dia once but it ate my network map
(saved it but wasn't able to reload it) which put me off trying it again
- though it has probably improved since then.

Real hardcore admins might prefer graphviz though :)


Re: wanna be sys admin question

William Orr-2
In reply to this post by Predrag Punosevac-2
On Nov 6, 2013, at 8:09 PM, Predrag Punosevac <[hidden email]> wrote:

> I am soliciting opinions and some guidance on a few very general sys admin
> questions.
>
> 1. What do people in general use to parse large amount of log files
> received in the form of e-mails?  security/logsurfer and similar. I have
> seen some in the ports tree.

Hey Predrag,

At the site I work at we have too many hosts to parse logs with
Perl/awk/scripts in other languages. At my site, we've used both Splunk
(commercial log aggregator) and Logstash (Apache 2.0) to deal with the
sheer number of messages we have. We've gotten rid of Splunk today,
largely because it's just too damn expensive.

At smaller sites, I've used simple Perl scripts and email to handle log
messages.

Even at large sites, knowledge of Perl/Shell (not just bash!)/Python has
been indispensable. Even more important is to know and identify the right
lang for the job.

Hope this helps!
William Orr
