Hello,

I was wondering about the utility of storing metadata (Abbreviation Expansion, Brief Message, links to online resources) associated with messages, in /var/log/syslog, /var/log/kern.log etc.

For instance, for a message like ACPI: Processor [CPU1] (supports 8 throttling states) I would search online about CPU throttling, and store brief information on what I understood, links that I visited, and throttling on Centrino (my processor) - I wouldn't have done that if I hadn't searched online for that message.

The objective is purely to improve my learning process and potentially read up on diverse aspects of systems. Additionally, I would also store the context in which I read something. I wrote a simple script in Perl to do this along with more elaboration on my blog.

Is there a better way to go about this? Or do you think that the effort is not worth it? I look forward to suggestions!

Thanks! :-)

+2  A: 

Your approach sounds like a good one. Ideally, people should be able to understand every line of their logs.

One resource that might come in handy is logcheck. It helps zero in on both what is most important and the anomalies in your logs.

Karl Bielefeldt
Hi Karl, Thanks a lot for your reply! I read the documentation. From what I can gather, the central aspect is that it matches messages to rules in the logcheck 'database'. I couldn't infer if we can add extra fields to the meta-data, like links visited, messages. I'll check it out!
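
A sketch of the note-keeping idea from the question, as an added example (it is not the asker's Perl script and not part of logcheck): each line is reduced to a template so that one note covers every CPU, PID and boot. The `Notebook` class, its field names, the sample lines and the classic `Mon DD HH:MM:SS host tag[pid]:` line layout are assumptions made for illustration.

```python
import re
from collections import Counter

# Assumed line layout: classic "Mon DD HH:MM:SS host tag[pid]: message".
PREFIX = re.compile(
    r"^\w{3}\s+\d+\s[\d:]{8}\s\S+\s(?P<tag>[^:\[\s]+)(?:\[\d+\])?:\s(?P<msg>.*)$")
KERNEL_TS = re.compile(r"^\[\s*\d+\.\d+\]\s*")  # "[    0.412345] " uptime stamp


def template(line):
    """Reduce a log line to a stable key: drop time, host and PID, mask numbers."""
    m = PREFIX.match(line.strip())
    tag, msg = (m["tag"], m["msg"]) if m else ("?", line.strip())
    msg = KERNEL_TS.sub("", msg)
    msg = re.sub(r"0x[0-9a-fA-F]+", "<HEX>", msg)
    msg = re.sub(r"\d+", "<N>", msg)
    return f"{tag}: {msg}"


class Notebook:
    """Hypothetical store holding the fields named in the question."""

    def __init__(self):
        self.notes = {}

    def annotate(self, line, brief, abbreviations=None, links=()):
        self.notes[template(line)] = {
            "brief": brief,
            "abbreviations": dict(abbreviations or {}),
            "links": list(links),
        }

    def lookup(self, line):
        return self.notes.get(template(line))

    def unread(self, lines):
        """Count templates that appear in the log but have no note yet."""
        seen = Counter(template(l) for l in lines if l.strip())
        return Counter({t: n for t, n in seen.items() if t not in self.notes})


# Constructed sample lines, not taken from a real machine.
SAMPLE = [
    "Mar  3 10:15:01 laptop kernel: [    0.412345] ACPI: Processor [CPU1] (supports 8 throttling states)",
    "Mar  3 10:15:01 laptop kernel: [    0.412901] ACPI: Processor [CPU0] (supports 8 throttling states)",
    "Mar  3 10:17:01 laptop CRON[1234]: (root) CMD (run-parts /etc/cron.hourly)",
    "Mar  4 08:17:01 laptop CRON[987]: (root) CMD (run-parts /etc/cron.hourly)",
]
```

Annotating `SAMPLE[0]` makes `lookup(SAMPLE[1])` return the same note, and `unread(SAMPLE)` then lists only the CRON template with a count of 2, which gives a reading list ordered by how often each unexplained message occurs.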