Robust CLI syslog forensics tool
Project description
Logdissect is a command line tool for analyzing syslog files. It can merge entries from multiple log files and sort by timestamp, and filter the results by time range and other criteria. Results are output to the terminal by default, and can also be output to standard syslog file format, or to a JSON array along with some metadata.
Options
usage: logdissect [-h] [--dest DEST] [--grep PATTERN] [--last LAST]
                  [--process PROCESS] [--protocol PROTOCOL] [--range RANGE]
                  [--rdest RDEST] [--rgrep RPATTERN] [--rprocess RPROCESS]
                  [--rsource RSOURCE] [--source SOURCE] [--outlog OUTLOG]
                  [--label LABEL] [--outjson OUTJSON] [--version] [--verbose]
                  [-s] [--list-parsers] [-p PARSER] [-z] [-t TZONE]
                  [file [file ...]]

positional arguments:
  file                 specify input files

optional arguments:
  -h, --help           show this help message and exit
  --version            show program's version number and exit
  --verbose            set verbose terminal output
  -s                   silence terminal output
  --list-parsers       return a list of available parsers
  -p PARSER            select a parser (default: syslogbsd)
  -z, --unzip          include files compressed with gzip
  -t TZONE             specify timezone offset to UTC (e.g. '+0500')

morph options:
  --dest DEST          match a destination host
  --grep PATTERN       match a pattern
  --last LAST          match a preceding time period (e.g. 5m/3h/2d/etc)
  --process PROCESS    match a source process
  --protocol PROTOCOL  match a protocol
  --range RANGE        match a time range (YYYYMMDDhhmm-YYYYMMDDhhmm)
  --rdest RDEST        filter out a destination host
  --rgrep RPATTERN     filter out a pattern
  --rprocess RPROCESS  filter out a source process
  --rsource RSOURCE    filter out a source host
  --source SOURCE      match a source host

output options:
  --outlog OUTLOG      set the output file for standard log output
  --label LABEL        set label type for OUTLOG (fname|fpath)
  --outjson OUTJSON    set the output file for JSON output
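The core of what the description above promises (parse BSD syslog lines, merge several files, sort by timestamp, filter with the --range and --grep semantics, emit JSON) can be reproduced in a few functions. The block below is an added illustration, not logdissect's own code; the log lines are constructed, and the year passed to the parser is an assumption because the BSD syslog timestamp format omits it.

```python
import json
import re
from datetime import datetime

# Constructed sample input: two separate BSD-syslog files to merge and sort.
AUTH_LOG = """\
Mar  3 09:15:02 web01 sshd[2211]: Accepted publickey for deploy from 10.0.0.5 port 51822 ssh2
Mar  3 09:17:44 web01 sshd[2240]: Failed password for invalid user admin from 203.0.113.9 port 40110 ssh2
"""
SYS_LOG = """\
Mar  3 09:16:10 web01 cron[1800]: (root) CMD (run-parts /etc/cron.hourly)
Mar  3 09:18:01 web01 kernel: [12345.6] eth0: link down
"""

# "Mon  D HH:MM:SS host process[pid]: message"; the pid part is optional.
LINE_RE = re.compile(
    r"^(?P<mon>[A-Z][a-z]{2})\s+(?P<day>\d{1,2}) (?P<time>\d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<proc>[^\s:\[]+)(?:\[(?P<pid>\d+)\])?: (?P<msg>.*)$"
)

def parse_bsd(text, year):
    """Parse BSD syslog lines into dicts. `year` is an assumption: the format has none."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # lines the parser does not understand are skipped, not guessed
        ts = datetime.strptime(f"{year} {m['mon']} {m['day']} {m['time']}", "%Y %b %d %H:%M:%S")
        entries.append({"ts": ts.strftime("%Y%m%d%H%M%S"), "host": m["host"],
                        "process": m["proc"], "pid": m["pid"], "message": m["msg"]})
    return entries

def merge_sorted(*entry_lists):
    """Merge entries from several files and order them by timestamp (fixed-width string)."""
    return sorted((e for lst in entry_lists for e in lst), key=lambda e: e["ts"])

def in_range(entries, rng):
    """Apply a --range style filter: YYYYMMDDhhmm-YYYYMMDDhhmm, minute resolution, inclusive."""
    start, end = rng.split("-")
    return [e for e in entries if start + "00" <= e["ts"] <= end + "59"]

def grep(entries, pattern):
    """Apply a --grep style filter: keep entries whose message matches the regex."""
    return [e for e in entries if re.search(pattern, e["message"])]

def to_json(entries):
    """JSON array of entries plus a little metadata, as the --outjson output does."""
    return json.dumps({"count": len(entries), "entries": entries}, indent=1)
```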
Source Distribution: logdissect-2.0.1.tar.gz (17.8 kB)