+1 on Splunk or if you don't mind using a SAS service check out https://papertrailapp.com/ Carlos Alcantar Race Communications / Race Team Member 1325 Howard Ave. #604, Burlingame, CA. 94010 Phone: +1 415 376 3314 / carlos@race.com / http://www.race.com -----Original Message----- From: Kasper Adel <karim.adel@gmail.com> Date: Thursday, August 29, 2013 6:03 AM To: "nanog@nanog.org" <nanog@nanog.org> Subject: Parsing Syslog and Acting on it, using other input too Hello. I am looking for a way to do proactive monitoring of my network, what I am specifically thinking about is receiving syslog msgs from the routers and the backend engine would correlate certain msgs with output/data that i am receiving through SSH/telnet sessions. What i am after is not exposed to SNMP so i need to do it on my own. I am sure there are many tools that can do parsing of syslog and acting upon it but i wonder if there is something more flexible out there that I can just re-use to do the above ? Please point me to known public or home-grown scripts in use to achieve this. Regards, Sam