Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456

SLCT - simple logfile clustering tool

SLCT is a tool that was designed to find clusters in logfile(s), so that each cluster corresponds to a certain line pattern that occurs frequently enough. Here are some examples of the clusters that SLCT is able to detect:

Dec 18 * myhost.mydomain sshd[*]: log: Connection from * port *
Dec 18 * myhost.mydomain sshd[*]: log: Password authentication for * accepted.

With the help of SLCT, one can quickly build a model of logfile(s), and also identify rare lines that do not fit the model (and are possibly anomalous).

SLCT has been tested on Redhat 8.0 Linux and Solaris 8 (compiled with gcc), but is likely to compile and work on other platforms as well.

For more information, read the man page. There is also a paper about SLCT (published at IEEE IPOM'2003).

Download:

slct-0.04 (2003-10-09)
slct-0.03 (2003-08-25)
slct-0.02 (2003-05-26)
slct-0.01 (2003-04-13)

Should you have questions, contact the author: risto.vaarandi@eyp.ee.