Details:
There's a wealth of useful information being logged by your systems, but very often it's distributed and not readily visible. This talk shows you what's involved in setting up a central loghost to aggregate and effectively utilize all of that data. We'll consider replacement of the stock syslogd with syslog-ng, and detail the use of Simple Event Correlator (SEC) to reduce and correlate the volume of log messages to a set that can alert you to urgent problems and give you a much better feel for what's happening on your network.
Experience:
Leon has been using and administering UNIX systems since 1990, and has been employed as a full-time sysadmin since 1995. While he's worked extensively with Solaris, AIX, HP-UX, Mac OS X, and too many others to name, lately he's been spending a lot of time with Linux, working for Intelius in Bellevue, WA.