Lograptor is a GREP-like search tool for system logs written in legacy BSD syslog format RFC 3164 and for IETF syslog protocol RFC 5424.
The program can perform searches in syslog files like as the UNIX command "grep", but with the addition of some filters and parameters, useful to restrict the search field and retrieve the relevant information from log files. You could specify parameters like hostname, application, date, time range, plus a set of filters on message data.
Lograptor can also produce reports and publish them into a directory or send them by e-mail. The report may be a general or a specific report tailored for some accounts or hosts.
The basic idea is to have a compact and highly configurable CLI tool for system logs analysis. The log analysis is based on application or device that originated the message, using a set of rules for matching and for report composition.
Please send feedback for bugs, feature requests, suggestions, comments and criticism.
Clone the git repository, choosing one of those commands:
git clone https://github.com/brunato/lograptor git clone git://github.com/brunato/lograptor.git
or download the zip archive from the site and extract the content to a folder. Then go into the created directory (lograptor) to install or build the software.
Easiest way is to get and install the RPM/DEB package. To installing from source uncompact the tarball into a directory. Then cd in the directory and type:
python setup.py build install
Lograptor package and source requires python >= 2.6 (included python 3.0+).
After the installation edit the files in /etc/lograptor to reflect your environment:
/etc/lograptor/lograptor.conf Default main configuration file /etc/lograptor/report_template.html Report HTML template /etc/lograptor/report_template.txt Report plain text template /etc/lograptor/conf.d/*.conf Configuration files for applications
For more info about main configuration file please see "man lograptor.conf". For each application a configuration file is needed. Logs of unconfigured applications are simply ignored by the program. For more info please see "man lograptor-apps".
lograptor [options] [FILE ...] lograptor [options] [-e PATTERN | -f PATTERNS_FILE ] [FILE ...]
Lograptor has many CLI options. Some options are identical to those of UNIX command "grep". If FILE arguments list is empty the program processes the log files of the last 24 hours. For more information on usage options see "lograptor --help" or "man lograptor".
Copyright (C) 2012-2014 by SISSA
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
Davide Brunato <brunato@sissa.it>, SISSA - Scuola Internazionale Superiore di Studi Avanzati/International School for Advanced Studies, Trieste, ITALY
- Improve the anonymized output feature;
- Introduce several different levels of details as a program option, in order to produce more or less verbose reports;
- Try an integration with RFC 3161 timestamp services, in order to mark rotated log files and the produced reports;
- Maybe examine the opportunity to translate a log format to another format.