README

Logtool A logfile parsing/manipulation tool for managing syslog/syslog-ng/etc
	generated logfiles.

	What:

	At its heart, logtool is a command line program, to parse up logfiles
into a more palatable format.  It will take anything resembling a standard
syslog file (this includes syslog-ng, and probably most of the other variants
out there), and crunch it into one of the following formats for your viewing
pleasure:

	ANSI 	(colorized for easy "at a glance" viewing)
	ASCII 	(for e-mailed reports, and terms that don't support color)
	CSV	(for importing into your favorite spreadsheet/database)
	HTML	(for generating web pages (duh?))
	RAW	(for no good reason other than an excuse to printf();)

	New as of the 1.2.x branch, logtool will also parse logfiles created
by D.J.Bernstein's multilog and other similarly formatted logfiles, as well as
handle unknown formatting.  It also knows some specialized logfile formats
such as Snort, and IPtables, and will parse those into specialized colors as
well as do IP->Hostname resolution and other neat things.

	It can be configured to parse the data any one of several ways,
including stripping the host, and/or program fields, and modifying the time
display format of the log entries.  New in the 1.2.x branch, it can also
handle syslog-ng style hostname fields, and optionally strip the src@/kern@
for screen-space sake, as well as parse the Hostname/IP format to show only
hostname or IP address(es).  See logtool.conf for more details.

	Somewhat new in the 1.2.x branch is the reliance on config files
as the primary runtime configuration rather than command line switches. The
default logtool.conf is well commented, and you should have a look through it
to get comfortable with the options at your disposal.  Those of you who have
written scripts and such which rely on the old command-line syntax will be
happy to know that backwards compatibility has been maintained in this regard,
though you should update your scripts to use config files as much as
possible.

	Please check out the doc/* directory for more information on the
things you can/can't do with logtool (like how to do them :).


	Why?:

	For all my Linux/UNIX life, especially as a SysAdmin, I've been up to
my neck in logfiles.  I'm also a shell script junkie, and I've been writing
scripts to make my life easier (for logfiles, and everything else) for years,
but when dealing with big logfiles (and it doesn't take much to become a "big"
file to a shell script based parsing routine), it's just too dang slow to do
it right.  Perl is a pain in the butt in terms of portability (yes, I know you
can run perl anywhere... anywhere you've installed a gazillion friggin perl
modules).  So what I really needed was a nice little C program to handle the
grunt work, and some shell scripts to interface to that program.  I looked
around, but I didn't see any GNU tools to do precisely what I wanted, so
I wrote this one, and am now releasing it to the public, because (IMHO), there
should be a program like this in the world to let folks who have to muck with
logfiles have easier lives.


	Uses:

	I expect this program to have primarily two uses (although if it suits
other needs, use it for whatever you want).

	1.  As an engine for use by shell scripts to generate nice little
	    reports to e-mail people, or create webpages, and other similar
	    uses.

	2.  As a logfile monitoring tool for network operations center like
	    environments, where it's nice to have logfiles scrolling across
	    the screen in easy to read color.  I've included a "redbeep" option
	    so that in such cases, "red" events will generate a Ctrl-G to catch
	    the attention of NOC personnel.

	Notes:

	This program _should_ compile/run on almost anything resembling UNIX,
although I have only tested with Linux.  Hopefully some of you will give it a
try on some of the other UNIX flavors out there.  It was written in plain old
C library function calls (no snprintf() or other things that are known to be
pesky on some UNIXes (Solaris anyone?)), and it compiles clean with -W -Wall
passed to the compiler, so I assume it is something like reasonable code
(I'm a self-taught programmer, so all bets are off if the compiler lied :).

	Especially note, the 1.2.x code tree has changed a LOT from the 1.0
tree.  It may no longer work on platforms it used to work on!  If you find
your platform is one of these, please feel free to contact me (al@xjack.org)
and let me know the problem, and I'll work on fixing it for you (free of
charge even, can you beat that? :)

	Also, the documentation is not yet complete (nobody likes to write
documentation, me included), but what is there should be enough to get you
up to speed if you're at all familiar with UNIX or Linux.

	--A.L.Lambert <al@xjack.org>