Robust CLI syslog forensics tool

Project description

Logdissect is a tool for analyzing syslog files. It can merge entries from multiple log files, sort them by timestamp, and filter the results by time range and other criteria. Results are printed to the terminal by default, and can also be written in standard syslog file format, or as a JSON array along with some metadata.

Options

usage: logdissect [-h] [--grep PATTERN] [--host HOST] [--last LAST]
                  [--process PROCESS] [--range RANGE] [--rgrep RPATTERN]
                  [--outlog OUTLOG] [--label LABEL] [--outjson OUTJSON]
                  [--version] [--list-parsers] [--list-morphers]
                  [--list-outputs] [-p PARSER] [-s] [--verbose]
                  [file [file ...]]

positional arguments:
  file               specify input files

optional arguments:
  -h, --help         show this help message and exit
  --version          show program's version number and exit
  --list-parsers     return a list of available parsers
  --list-morphers    return a list of available morphers
  --list-outputs     return a list of available output formats
  -p PARSER          select a parser (default: syslog)
  -s                 silence terminal output
  --verbose          set verbose terminal output

morph options:
  --grep PATTERN     match a pattern
  --host HOST        match a source host
  --last LAST        match a preceeding time period (5m/3h/2d/etc)
  --process PROCESS  match a source process
  --range RANGE      match a time range (YYYYMMDDhhmm-YYYYMMDDhhmm)
  --rgrep RPATTERN   filter out a pattern

output options:
  --outlog OUTLOG    set the output file for standard log output
  --label LABEL      set label type for entries in OUTLOG (fname|fpath)
  --outjson OUTJSON  set the output file for JSON output
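As an added illustration (not logdissect's own code), a minimal Python version of the workflow the description and the --range and --grep options describe: parse traditional syslog lines from two constructed files, merge and sort them by timestamp, then filter. The year passed to parse_line is an assumption, because the traditional syslog timestamp omits it, and the sample lines are constructed.

```python
import re
from datetime import datetime

# Constructed sample syslog lines from two hosts (not real log data).
SAMPLE_FILES = {
    "web01.log": [
        "Mar  3 10:15:02 web01 sshd[2210]: Accepted publickey for alice from 10.0.0.5 port 51022 ssh2",
        "Mar  3 10:17:45 web01 sudo[2231]: alice : TTY=pts/0 ; COMMAND=/bin/cat /etc/shadow",
    ],
    "db01.log": [
        "Mar  3 10:16:10 db01 sshd[4410]: Failed password for root from 10.0.0.5 port 51040 ssh2",
        "Mar  3 11:02:33 db01 cron[4502]: (root) CMD (run-parts /etc/cron.hourly)",
    ],
}

# Traditional syslog line: "Mon dd hh:mm:ss host process[pid]: message".
SYSLOG_RE = re.compile(r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
                       r"(?P<host>\S+) (?P<proc>[^\[:]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$")

def parse_line(line, year):
    """Parse one line; the year is an assumption because the timestamp omits it."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None  # unparseable line: skipped here, a real tool should count these
    ts = datetime.strptime(f"{year} {m.group('ts')}", "%Y %b %d %H:%M:%S")
    return {"ts": ts, "host": m.group("host"), "process": m.group("proc"),
            "pid": m.group("pid"), "message": m.group("msg"), "raw": line}

def parse_range(text):
    # --range style "YYYYMMDDhhmm-YYYYMMDDhhmm" -> (start, end) datetimes
    start, end = text.split("-")
    return datetime.strptime(start, "%Y%m%d%H%M"), datetime.strptime(end, "%Y%m%d%H%M")

def merge_and_filter(files, year, time_range=None, pattern=None):
    """Merge entries from all files, sort by timestamp, then apply the filters."""
    entries = []
    for fname, lines in files.items():
        for line in lines:
            e = parse_line(line, year)
            if e:
                e["source"] = fname  # like --label fname, so the origin file survives
                entries.append(e)
    entries.sort(key=lambda e: e["ts"])  # stable: ties keep input order
    if time_range:
        lo, hi = parse_range(time_range)
        entries = [e for e in entries if lo <= e["ts"] <= hi]
    if pattern:
        rx = re.compile(pattern)
        entries = [e for e in entries if rx.search(e["message"])]
    return entries
```

Because the year and time zone are assumed rather than recorded, entries from hosts with different clocks or zones will not interleave correctly; a forensic timeline needs that offset corrected before merging.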

Download files

Source distribution: logdissect-1.3.1.tar.gz (10.9 kB)
