liblognorm – Page 6

New Mailing List for Log Normalization

By Adiscon SupportPosted on January 13, 2011Posted in NewsTagged liblognorm, mailing list

Thankfully, the interest in log normalization and the related libraries liblognorm and libee has increased. Up until now, we have handled discussions on this topics via the rsyslog mailing list. As conversations increase, this may be come an unnecessary burden for those only interested in rsyslog. So we have created a new mailing list named […]

liblognorm 0.1.0 has been released

By Adiscon SupportPosted on December 9, 2010Posted in NewsTagged 0.1.0, introduction, liblognorm, library

Liblognorm is a event and log normalization library that is capable of real-time processing. It provides the capability to normalize events to a set of standard formats. It is most efficient when used together with almost unstructured data, as for example found in typical syslog messages. While liblognorm provides a service similar to other projects, […]

liblognorm 0.1.0

By Adiscon SupportPosted on December 9, 2010Posted in DownloadTagged 0.1.0, Download, liblognorm

Download file name: liblognorm 0.1.0 liblognorm 0.1.0 md5sum: 72d90438b21e23805a0ab9312916782d Author: Rainer Gerhards (rgerhards@adiscon.com) Version: 0.1.0 File size: 0.307 MB Download this file now!

log normalization with rsyslog

By Adiscon SupportPosted on December 2, 2010Posted in NewsTagged liblognorm, message modification module, normalization, rsyslog

We just wanted to give you a quick heads-up on our current development efforts: We have begun to work heavily on a message modfication module for rsyslog which will support liblognorm-style normalization inside rsyslog. In git there already is a branch “lognorm”, which we will hopefully complete and merge into master soon. It provides some […]

Creating a rulebase

By Posted on November 16, 2010Posted in HelpTagged liblognorm, rule, rulebase, sampledb

A first example for a rulebase you can download at http://blog.gerhards.net/2010/11/log-normalization-first-results.html I will use an excerpt of that rulebase to show you the most common expressions. rule=:%date:date-rfc3164% %host:word% %tag:char-to:\x3a%: no longer listening on %ip:ipv4%#%port:number%’ That excerpt is a common rule. A rule contains different “parts”/properties, like the message you want to normalize (e.g. Host, IP, […]

log normalization – first results

By Adiscon SupportPosted on November 15, 2010Posted in NewsTagged CEE, liblognorm, normalization

At the beginning of this week we were pretty confident, that we would not make our self-set deadline of one month to implement a first rough proof of concept of liblognorm, a log normalizing library. Fortunately, we made extremely good progress the past two days and we are now happy to say that we have […]

Introducing liblognorm

By Adiscon SupportPosted on October 13, 2010Posted in NewsTagged introduction, liblognorm

Liblognorm shall help to make sense out of syslog data, or, actually, any event data that is present in text form. In short words, one will be able to throw arbitrary log message to liblognorm, one at a time, and for each message it will output well-defined name-value pairs and a set of tags describing […]