"UNIX systems are especially talkative and log
considerable amounts of data. Many administrators at first find
digging through all those logs annoying, and some abandon the
practice of checking logs for that reason. However, when system
problems arise, those admins are left wondering what occurred and
why. Because there is so much data to sift through on a regular
UNIX system, efficiency must be sought to make sense of all of this
data and keep a watchful eye on your system.
My tool of choice to solve this matter is the awk language.
Originally, I used grep in a rather wieldy shell script, and didn't
want to port it to Perl. I found that awk provided a bit more
flexibility than my sometimes convoluted shell script, worked very
well for the ordered structure of log files, and had better regular
expression handling than grep. I will show several notification
items that can be readily picked out, and put them together in an
awk script to parse log files in a pretty quick manner.
While most administrators are familiar with grep, most have not
become so familiar with awk, instead favoring Perl. awk has a
number of advantages over grep, and even a few over Perl."