From: Olivier Nicole
To: questions@freebsd.org
Subject: Tools to analyze syslog logs
Date: Fri, 30 Aug 2013 11:33:48 +0700

Hello,

What tool do you use to analyze syslog logs?

All tools I can see in the ports seem to rely heavily on some big configuration file that has tons of regexps to filter the event messages.

I am wondering if some tool exists that would try to make a classification of the event messages; that one could use to say "this type of message" is close to "that type of message", hence they should be treated the same way, etc.

Best regards,

Olivier