On a typical system, many log files are scattered throughout the file system. The kernel, various utilities, and user applications create these logs to alert an administrator to events such as security violations and software or hardware failures.
As the number of machines that a system administrator oversees increases, the task of managing these logs and utilizing the information they contain becomes increasingly difficult. Additionally, no standardized format exists for log files; therefore there is no simple way to analyze the data.
The IBM Tivoli Monitoring: UNIX Log Agent allows you to manage and utilize log files more effectively.
You can create situations that fire when specific messages are written to a log so that you can take a more proactive approach to managing the systems for which you are responsible. This means you can respond to events as soon as they occur and take action to prevent potential problems from developing.
Because the IBM Tivoli Monitoring: UNIX Log Agent screens all log entries forwarding only selected entries to the Tivoli Enterprise Portal, it eliminates the need to manually analyze large log files.
By shifting the emphasis of management from post-mortem diagnosis to real-time response, the agent allows you to increase the amount of log data collected by system daemons and user applications while decreasing the amount of data archived and stored for historical debugging and analysis.
The IBM Tivoli Monitoring: UNIX Log Agent allows you to easily retrieve log entries that occurred within a certain time span from any monitored log, and present data from different log types in a common format within a Tivoli Enterprise Portal workspace.