Adam Cozzette | 7 Jul 2009 02:02

Is Epylog Still Active?

Hello,

I noticed from looking at the archives that there's been very little
activity on this list in the past couple of years, but I thought I would
send out an email anyway just to see if anyone else is still around
using or developing epylog. Are there any plans to continue developing
the project?

I'm a student working for the computer science department at my college
and my colleagues and I would like to add some functionality to epylog
that would display at the top of the email summary any statistics that
are out of the ordinary -- say, beyond a configurable number of standard
deviations from the mean over the previous couple of weeks. Unless I'm
mistaken, epylog doesn't yet have such a feature, but before I started
working on one, I just wanted to see if anyone else was still out there
working on epylog (or thinking about starting to work on it again).

Thanks,
Adam Cozzette
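
The check proposed in the message above, as an added example (not epylog code and not written by anyone on this list): flag any daily statistic that lies more than a configurable number of standard deviations from its mean over the preceding two weeks. The function name, counter names and sample counts are all hypothetical and constructed for illustration.

```python
from statistics import mean, stdev

# Constructed sample data: one count per day for the previous 14 days.
HISTORY = {
    "sshd_failed_logins": [12, 9, 15, 11, 10, 14, 13, 8, 12, 11, 16, 10, 9, 13],
    "sudo_sessions": [40, 42, 38, 41, 39, 43, 40, 37, 44, 41, 40, 39, 42, 38],
    "kernel_oops": [0] * 14,
    "new_service": [3, 4],  # too little history to form a baseline
}
TODAY = {"sshd_failed_logins": 240, "sudo_sessions": 41,
         "kernel_oops": 2, "new_service": 50}


def unusual_stats(history, today, threshold=3.0, min_days=7):
    """Return (name, value, mean, z) for counters outside threshold sigmas.

    Results are sorted so the largest deviation comes first, which is the
    order a report summary would list them in.
    """
    flagged = []
    for name, value in today.items():
        past = history.get(name, [])
        if len(past) < min_days:
            continue  # no usable baseline yet; do not guess
        mu = mean(past)
        sigma = stdev(past)
        if sigma == 0:
            # Perfectly flat baseline: a z-score is undefined, so treat
            # any change at all as an infinite deviation.
            if value != mu:
                flagged.append((name, value, mu,
                                float("inf") if value > mu else float("-inf")))
            continue
        z = (value - mu) / sigma
        if abs(z) >= threshold:
            flagged.append((name, value, mu, round(z, 2)))
    flagged.sort(key=lambda row: abs(row[3]), reverse=True)
    return flagged


if __name__ == "__main__":
    for name, value, mu, z in unusual_stats(HISTORY, TODAY):
        print(f"UNUSUAL {name}: today={value} mean={mu:.1f} z={z}")
```

Counters with fewer than `min_days` of history are skipped rather than flagged, so a newly added log source does not flood the top of the report on its first days.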

Chris Geddings | 7 Jul 2009 14:12

Re: Is Epylog Still Active?

https://fedorahosted.org/epylog/

I think that's the current home. I don't know how actively
it is being developed currently, but I know it is still in use
in a few places.  I know the developer had gotten busy
in his personal life a while back, but I'm not sure what
his overall plans are for the project.

At some point, the code was largely doing what most
(never all, right?) of the user base wanted, so heavy
development wasn't really seen as needed.  That may
or may not have changed by now.

--Chris

On Jul 6, 2009, at 8:02 PM, Adam Cozzette wrote:

> Hello,
>
> I noticed from looking at the archives that there's been very little
> activity on this list in the past couple of years, but I thought I would
> send out an email anyway just to see if anyone else is still around
> using or developing epylog. Are there any plans to continue developing
> the project?
>
> I'm a student working for the computer science department at my college
> and my colleagues and I would like to add some functionality to epylog
> that would display at the top of the email summary any statistics that

Adam Cozzette | 8 Jul 2009 17:59

Re: Is Epylog Still Active?

On Tue, Jul 07, 2009 at 08:12:54AM -0400, Chris Geddings wrote:
> https://fedorahosted.org/epylog/
>
> I think that's the current home. I don't know how actively
> it is being developed currently, but I know it is still in use
> in a few places.  I know the developer had gotten busy
> in his personal life a while back, but I'm not sure what
> his overall plans are for the project.
>
> At some point, the code was largely doing what most
> (never all, right?) of the user base wanted, so heavy
> development wasn't really seen as needed.  That may
> or may not have changed by now.
>
> --Chris

Hi Chris,

Thanks for the reply. I had seen that epylog website and it looked like
there wasn't much activity although there had been a little bit of
progress toward a new release. I guess I may want to look into finding
another log analyzer that's being developed more actively.

Thanks,
Adam

Hunter Matthews | 8 Jul 2009 18:13

Re: Is Epylog Still Active?

I've written a patch to allow the local weed and local notices to span  
multiple files. I liked the ability to group things by system or daemon.

If anyone is interested in those patches, I'll post them to the list.

On Jul 8, 2009, at 10:59 AM, Adam Cozzette wrote:

> On Tue, Jul 07, 2009 at 08:12:54AM -0400, Chris Geddings wrote:
>> https://fedorahosted.org/epylog/
>>
>> I think that's the current home. I don't know how actively
>> it is being developed currently, but I know it is still in use
>> in a few places.  I know the developer had gotten busy
>> in his personal life a while back, but I'm not sure what
>> his overall plans are for the project.
>>
>> At some point, the code was largely doing what most
>> (never all, right?) of the user base wanted, so heavy
>> development wasn't really seen as needed.  That may
>> or may not have changed by now.
>>
>> --Chris
>
> Hi Chris,
>
> Thanks for the reply. I had seen that epylog website and it looked like
> there wasn't much activity although there had been a little bit of
> progress toward a new release. I guess I may want to look into finding
> another log analyzer that's being developed more actively.

Konstantin Ryabitsev | 8 Jul 2009 19:48

Re: Is Epylog Still Active?

2009/7/6 Adam Cozzette <acozzette <at> cs.hmc.edu>:
> Hello,
>
> I noticed from looking at the archives that there's been very little
> activity on this list in the past couple of years, but I thought I would
> send out an email anyway just to see if anyone else is still around
> using or developing epylog. Are there any plans to continue developing
> the project?

Hi, Adam:

Unfortunately, I haven't been developing Epylog simply because I am no
longer in a situation where I have to worry about log processing and
analysis. As they say, there's no more "itch to scratch," so I haven't
really touched Epylog in about 4-5 years.

Effectively, it's abandonware, unless someone is interested in
maintaining it. The fundamentals are quite sound, even 5 years down
the line, so I don't think it's a waste of time. Currently the source
tree is at fedorahosted, but I could easily dump it if others are
interested in maintaining it.

So, unless someone picks it up, effectively, this is an epilogue for Epylog. :)

Cheers,
-- 
Konstantin Ryabitsev
Montréal, Québec

Paul Stauffer | 8 Jul 2009 19:49

Re: Is Epylog Still Active?

On Wed, Jul 08, 2009 at 11:13:53AM -0500, Hunter Matthews wrote:
> I've written a patch to allow the local weed and local notices to span 
> multiple files. I liked the ability to group things by system or daemon.
>
> If anyone is interested in those patches, I'll post them to the list.

Sounds cool.  Please do post them.  Best way to avoid project stagnation is
active community contributions.

FWIW, we use epylog quite extensively in our department.  It's been a
wonderful tool for our sysadmin team to keep tabs on everything going on
with our machines.  I have also wondered about what future development plans
there may be for it, but as previously mentioned, it already works pretty
darn well, so there's not too much I'd really expect to see changed or
added.  About the only maintenance we ever do on it is to add new regexes to
weed_local.cf when software updates introduce new message formats, and
occasionally write new entries for notice_local.xml.

Thanks to all contributors for a great tool.

cheers,
- Paul

-- 
Paul Stauffer <paulds <at> bu.edu>
Manager of Systems Administration
Computer Science Department
Boston University

Jeremy Kindy | 9 Jul 2009 23:17

Re: Is Epylog Still Active?

Sorry to join the discussion a bit late.  I've written a couple of 
modules and submitted them to this mailing list.  The latest one is for 
selinux messages.  If anyone is interested I'll post it to the list as well.

We're using epylog and I quite like it.

Jeremy

Chris Geddings wrote:
> https://fedorahosted.org/epylog/
>
> I think that's the current home. I don't know how actively
> it is being developed currently, but I know it is still in use
> in a few places.  I know the developer had gotten busy
> in his personal life a while back, but I'm not sure what
> his overall plans are for the project.
>
> At some point, the code was largely doing what most
> (never all, right?) of the user base wanted, so heavy
> development wasn't really seen as needed.  That may
> or may not have changed by now.
>
> --Chris
>
> On Jul 6, 2009, at 8:02 PM, Adam Cozzette wrote:
>
>> Hello,
>>
>> I noticed from looking at the archives that there's been very little
>> activity on this list in the past couple of years, but I thought I would

Vaclav Vobornik | 13 Jul 2009 16:21

log file definition

Hello,

I am about to use Epylog for my log files, but not sure how to configure 
my log files names.

Due to archiving reasons, the definition in my syslog-ng.conf is as below:

file("/export/logging/all/$YEAR-$MONTH-$DAY");

so the log files look like:

-rw-r--r-- 1 root sysadmin  1690801929 Jul  8 01:59 2009-07-07
-rw-r--r-- 1 root sysadmin  7637713968 Jul  9 01:59 2009-07-08
-rw-r--r-- 1 root sysadmin  8022809990 Jul 10 01:59 2009-07-09

but still unable to define in the epylog configuration files. I tried 
several formats like:

files = /export/logging/all/####-##-##
files = /export/logging/all/[####]-[##]-[##]
files = /export/logging/all/2009-[#]-[#]
etc.

but without success.

Could someone of you help me and suggest the right definition, please?

Many thanks
Vaclav Vobornik

Jeremy Kindy | 13 Jul 2009 16:30

Re: log file definition

I came upon this problem while creating a central logging server.  I 
tackled it a slightly different way by having syslog-ng send logs to two 
locations:

/logs                 # these are /logs/log_name/YYYY/MM/DD/ format
/var/log/external     # these are all logs of a certain type from all machines (e.g. /var/log/external/secure)

This is definitely inefficient (2x the writes required), but I also 
couldn't figure out how to get epylog to parse the files in /logs.

Epylog ignores the ones in /logs, and processes the ones in 
/var/log/external, which are rotated and kept for one day.

So, there is a potential solution.  However, if anyone has a better 
solution to Vaclav's request, I'm also interested!

Best,
Jeremy

Vaclav Vobornik wrote:
> Hello,
>
> I am about to use Epylog for my log files, but not sure how to 
> configure my log files names.
>
> Due to archiving reasons, the definition in my syslog-ng.conf is as 
> below:
>
> file("/export/logging/all/$YEAR-$MONTH-$DAY");

Micha vor dem Berge | 27 Jul 2009 18:09

Is Epylog Still Active?

Hi,

that's a good question I asked myself a while ago. As Konstantin
Ryabitsev clarified, the project is not maintained anymore because of
his lack of time. But I think epylog is a great piece of work which
should be revived.

Is anyone willing to do so? I would ... but my programming skills are far
away from being sufficient for maintaining such a project.

By the way...
Jeremy Kindy wrote some modules and is willing to contribute them... and
maybe some others I'm not aware of.
I also wrote 2 very small modules (one for ntpd and one for
smartd-messages) and would like to integrate them into epylog. I also
tried to correct some of the regex-expressions to make epylog work fine
on a Debian 5.0 (lenny) system.

These changes could be the starting shot for epylog-1.0.4 ;)

Regards,
Micha vor dem Berge
