Unix System Administration Package

Francois Pinard pinard at odyssee.UUCP
Wed Apr 27 15:02:26 AEST 1988


This will be my first wide posting.  We'll see if it works (:-)

In article <103 at sysadm.UUCP> bjorn at sysadm.UUCP (Bjorn Satdeva) writes:
>The package is intended to support and/or automate the daily work of
>administrating a Unix site.  The main goal is to provide tools for the
>administrator who already knows Unix well, although we will most likely
>add a front-end with some kind of intelligence.
>
>We want to provide the best possible tool, and would therefore like to
>have suggestions from the net, to what the packages should include.

Surveying all logs each day is a tedious job.  So I made a set of
several scripts to automate reports and checks I would have done with
my eyes anyway, but exhausting a lot of time.  A report is
automatically generated and mailed to me each night.  But the scripts
are somewhat configuration dependent and would require careful
generalization to make them portable in a useful way.

About the particular aspect of automatic analysis of logs, I consider
important, in a sysadm reporting package, to:

1) keep an overall picture of the system load and usage, daily.
2) spotcheck any irregularities within a short delay, say one day.

The main approach for 2) is to have, for each log, filters that match
and remove "normal" sequence of events.  What remain after removal
requires human analysis and is sent to me, possibly after slight
reformatting.  I implemented several of simple sequence recognitions,
which make the report useful to me.  But I would also need more
sophisticated analysis relating events and cross-checking logs, and I
have done almost nothing so far in that direction.

A first version of "surveil" (the name of the package) was implemented
by a lot of sh, sed and awk scripts.  A second version, which will
progressively replace the first, in my backgroud tasks, is getting rid
of sh, sed and awk and uses only Perl scripts.  You probably know that
Perl encompasses all three previous "languages".  A third version, if
I ever tackle it, would probably be an extension of the second for
more sophisticated analysis of "normality" cases - I would maybe use
some Prolog for implementing this, if it is affordably fast.  The real
dream would be to connect all of this to our natural language
generation system, from semantics to sentences (which is the main
speciality of the team here).

Anyway.  The current state of "surveil" is an heteroclitous mix of sh,
sed, awk and Perl, oriented towards my very specific conception of
normality and towards our system configuration.  I would like to see a
general, encompassing, free package for system administration to
include a generalization of "surveil" objectives.

>Please e-mail your comment or suggestions directly to me.  I will post
>a summary to the net if there is enough interest.

I just felt like adding my grain of salt in a more general forum, and
maybe getting feedback myself.  I'm sure almost every sysadm has a lot
of self developped tools.

Btw, "surveil" is not suited nor ready to distribution.  But I would
not hesitate to send it on a personnal basis (you were warned :-) to
anyone that feels like having it, BUT as long as the result of any of
your work in the same direction would be available to the community at
no charge.  I'm getting GNU minded, presumably.
-- 
Francois Pinard    "Vivement  C.P. 886, L'Epiphanie (Qc), Canada J0K 1J0
pinard at odyssee.uucp   GNU!"   (514)588-4656; Odyssee R.A.: (514)279-0716



More information about the Comp.unix.questions mailing list