Date: Mon, 12 Jul 2021 15:44:16 +1000
From: Korolev Sergey <serejk@febras.net>
To: KK CHN <kkchn.in@gmail.com>
Cc: freebsd-questions <freebsd-questions@freebsd.org>
Subject: Re: Analyzing Log files of very large size
Message-ID: <d0ebe655c44cd2b5a70bbac4dcdddcc3@febras.net>
In-Reply-To: <CAKgGyB_reF4eqz4pvQj7tFsOQEEB3WrFZa-91L%2BNChm=85h0-A@mail.gmail.com>
References: <CAKgGyB_TJrLWSjcnc9491Gg0Q5CLqLdmWx2yga_Ez7-gE6YcKQ@mail.gmail.com> <E9C00664-DAC7-4F58-BCCA-CDD2654C9325@febras.net> <CAKgGyB_reF4eqz4pvQj7tFsOQEEB3WrFZa-91L%2BNChm=85h0-A@mail.gmail.com>
I think that the proper tools usually depend highly on the desired result, so my reasoning is quite general. People here advise using Perl and also splitting one large file into manageable pieces - all that is very good, I vote for that. But I don't know Perl at all, so I usually get along with standard shell utilities: grep, tr, awk, sed, etc. I used to parse big maillogs with them successfully.

On Sun, 11 Jul 2021 19:43:41 +0530, KK CHN wrote:

> Yes, it is.
>
> On Sun, Jul 11, 2021 at 6:02 PM Korolev Sergey wrote:
>
>> Is it a plain text file?
>>
>> On 11 Jul 2021, at 22:13, KK CHN wrote:
>>
>>> List,
>>>
>>> I am in a requirement to analyze large log files of a SonicWall firewall, around 50 GB, for a suspected attack. What tools and solutions need to be deployed for handling such large files? Please enlighten me with your expertise and reference materials, if any. All are TCP/IP communications, DNS UDP transports...
>>>
>>> Regards,
>>> Kris
>>> _______________________________________________
>>> freebsd-questions@freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-questions
>>> To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
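The standard-utilities approach described in the message above, as an added example that is not part of the thread or written by its posters: a single streaming awk pass that ranks source addresses by event count and by how many distinct destination ports each one touched. The key=value layout with `src=IP:port:iface` and `dst=IP:port:iface` fields is an assumption about the log export, and the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: one streaming pass over a large text log using awk and sort.
# ASSUMPTION: lines hold key=value fields, with src=IPv4:port:iface and
# dst=IPv4:port:iface. Rename the keys to match the real export.

# summarize_sources [FILE...]: reads files or stdin and prints, per source IP,
#   "<events> <distinct_dst_ports> <src_ip>", busiest source first.
# Memory grows with the number of distinct (source, port) pairs, not file size.
summarize_sources() {
    LC_ALL=C awk '
    {
        src = ""; dport = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^src=/) {
                split(substr($i, 5), a, ":"); src = a[1]
            } else if ($i ~ /^dst=/) {
                n = split(substr($i, 5), b, ":"); dport = (n >= 2) ? b[2] : ""
            }
        }
        if (src == "") next        # no source field: header or non-traffic line
        events[src]++
        if (dport != "" && !((src, dport) in seen)) {
            seen[src, dport] = 1
            ports[src]++
        }
    }
    END { for (s in events) printf "%d %d %s\n", events[s], ports[s] + 0, s }
    ' "$@" | LC_ALL=C sort -k1,1nr -k3,3
}

# Constructed sample lines (documentation address ranges), not real firewall output.
sample_log() {
    cat <<'EOF'
id=firewall time="2021-07-10 03:12:01" msg="Connection Opened" src=203.0.113.7:40001:X1 dst=192.0.2.10:22:X0 proto=tcp/ssh
id=firewall time="2021-07-10 03:12:02" msg="Connection Opened" src=203.0.113.7:40002:X1 dst=192.0.2.10:23:X0 proto=tcp/telnet
id=firewall time="2021-07-10 03:12:03" msg="Connection Opened" src=203.0.113.7:40003:X1 dst=192.0.2.10:3389:X0 proto=tcp/3389
id=firewall time="2021-07-10 03:12:04" msg="Connection Opened" src=192.0.2.25:53311:X0 dst=198.51.100.53:53:X1 proto=udp/dns
id=firewall time="2021-07-10 03:12:05" msg="Connection Opened" src=192.0.2.25:53312:X0 dst=198.51.100.53:53:X1 proto=udp/dns
id=firewall time="2021-07-10 03:12:06" msg="Log rotated"
EOF
}

# One source touching many destination ports stands out in the second column.
sample_log | summarize_sources
```

Pieces of a split file can be passed together as arguments, so the counts cover the whole log in one run.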