logdissect

Robust CLI syslog forensics tool

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Project description

Logdissect is a command line tool for analyzing syslog files. It can merge entries from multiple log files and sort by timestamp, and filter the results by time range and other criteria. Results are output to the terminal by default, and can also be output to standard syslog file format, or to a JSON array along with some metadata.

Options

usage: logdissect [-h] [--dest DEST] [--grep PATTERN] [--last LAST]
                  [--process PROCESS] [--protocol PROTOCOL] [--range RANGE]
                  [--rdest RDEST] [--rgrep RPATTERN] [--rprocess RPROCESS]
                  [--rsource RSOURCE] [--source SOURCE] [--outlog OUTLOG]
                  [--label LABEL] [--outjson OUTJSON] [--version] [--verbose]
                  [-s] [--list-parsers] [-p PARSER] [-z] [-t TZONE]
                  [file [file ...]]

positional arguments:
  file                 specify input files

optional arguments:
  -h, --help           show this help message and exit
  --version            show program's version number and exit
  --verbose            set verbose terminal output
  -s                   silence terminal output
  --list-parsers       return a list of available parsers
  -p PARSER            select a parser (default: syslogbsd)
  -z, --unzip          include files compressed with gzip
  -t TZONE             specify timezone offset to UTC (e.g. '+0500')

morph options:
  --dest DEST          match a destination host
  --grep PATTERN       match a pattern
  --last LAST          match a preceeding time period (e.g. 5m/3h/2d/etc)
  --process PROCESS    match a source process
  --protocol PROTOCOL  match a protocol
  --range RANGE        match a time range (YYYYMMDDhhmm-YYYYMMDDhhmm)
  --rdest RDEST        filter out a destination host
  --rgrep RPATTERN     filter out a pattern
  --rprocess RPROCESS  filter out a source process
  --rsource RSOURCE    filter out a source host
  --source SOURCE      match a source host

output options:
  --outlog OUTLOG      set the output file for standard log output
  --label LABEL        set label type for OUTLOG (fname|fpath)
  --outjson OUTJSON    set the output file for JSON output

Project details

These details have not been verified by PyPI

Project links

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

3.1.1

Apr 7, 2018

3.1

Apr 5, 2018

3.0.2

Mar 25, 2018

3.0.1

Mar 23, 2018

3.0

Mar 22, 2018

2.2.1

Jan 11, 2018

2.2

Jul 18, 2017

2.1

Jun 14, 2017

This version

2.0.2

Jun 13, 2017

2.0.1

Jun 7, 2017

2.0

May 30, 2017

1.3.1

Apr 24, 2017

1.3

Apr 21, 2017

1.2.2

Apr 1, 2017

1.2.1

Apr 1, 2017

1.2

Mar 31, 2017

1.1.1

Mar 28, 2017

1.1

Mar 28, 2017

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

logdissect-2.0.2.tar.gz (11.7 kB view hashes)

Uploaded Jun 13, 2017 Source

Hashes for logdissect-2.0.2.tar.gz

Hashes for logdissect-2.0.2.tar.gz
Algorithm	Hash digest
SHA256	`3902ada7614869135c09766d3c43a037e59d94a2b63af450e38ae7e694fe9435`
MD5	`cbacb7633f5e5642b8a6efaba2fc8ded`
BLAKE2b-256	`418379d01471e9f1e118389d082b3cd25748b95e8b7a7b726154e074832606a5`