Step 1. compile & install

make install


Step 2. configure btail

Default configuration file:
db_bad = .btail_db_bad
db_good = .btail_db_good
db_conf = .btail_db_conf
logfile = /var/adm/messages

db_... are the database files which are filled by blearn. They are
used as reference when btail calculates if an event is bad or good.
logfile is the logfile which you want to monitor. As you see, one
needs a seperate configurationfile AND databases(!) for each file
to monitor.


Step 3. learn logging

blearn -g good_logging
blearn -b bad_logging

good_logging should contain events which are considered ok.
bad_logging should contain logging of events you want to see, e.g.
disk errors, invalid loggings, etc.


Step 3. use btail

btail

This will read the logfile defined in btail.conf and emit events
which are considered not-ok by the bayesian filter.


--- folkert@vanheusden.com
