Softpanorama
May the source be with you, but remember the KISS principle ;-)
There are not many Perl tools for log analysis (monitoring, colorizing, etc.) and management. Logwatch is probably the best-known Perl log analyzer. This type of tool is covered on the log monitoring page.
Octopussy is a solution to manage your logs (also frequently called a SIM/SEM/SIEM Solution). Basically, it stores your logs, produces reports, and raises alerts.
Release focus: Major bugfixes
Changes:
Reports in XML have been added. Logs Wizard allows you to check whether unknown logs match a Service that doesn't belong to the current Device. There is a global bugfix regarding special characters. There are bugfixes for Report Scheduler and octo_logrotate.
About:
devialog is a behavior/anomaly/signature-based syslog intrusion detection system which can detect new, unknown attacks. It fits comfortably in a heterogeneous Unix/Linux/*BSD environment at the core of a central syslog server. devialog generates its own signatures and acts upon anomalies as configured by the system administrator. In addition, devialog can function as a traditional syslog parsing utility in which known signatures trigger actions.
Release focus: Minor bugfixes
Changes:
Bug fixes include better handling of lines with some special characters. A timing error was fixed within alert generation: sometimes alerts would be sent inadvertently based on the timing of a new log arriving as an alert was sent out in specific high-volume log situations. Altered signature generation creates more exact regular expressions.
Updated: Thu, Oct 26th 2006 03:10 PDT
LMF (Log Monitoring Framework) is a flexible log monitoring framework that allows the user to match text from log files using Perl regular expressions and capturing parentheses. An optional external command will be executed when a user-specified number of matches is found within a user-specified period. In addition to the trigger, the rule can also have a message associated with it; when the rule is triggered, that message will be logged to the LMF log file. Each rule can also have a duration associated with it; after a rule has been triggered and the duration has expired, an optional external command will be run.
Author: perldork
Octopussy is a Perl/XML log analyzer, alerter, and reporter.
newsyslog is a faithful Perl rewrite of the MIT newsyslog utility, with a number of features taken from the FreeBSD and NetBSD variants of newsyslog.
It archives log files based on size, date or interval, and can optionally compress archives with gzip or bzip2. Complete documentation is available via "perldoc newsyslog.pl".
Perl-Logrotate is a safe log rotation script. It is fully configurable and comes with compression. You can define the number of files to keep rotated and when to rotate. If logfiles cannot be rotated, it will put the log contents back into the file to avoid data loss. It also works with all logging software, as it only truncates the file and does not unlink it. There is no need to signal any processes after this has been run.
Lumberjack (Console/Administration)
Log rotation software, perl replacement for newsyslog
Jun 08th 1999, 08:48
stable: none - devel: none - license: Public Domain
[July 16, 1999] Lumberjack
Lumberjack is a Perl replacement for the BSD newsyslog. Logs are rotated and renamed to logfile.YYMMDD, and the daemon/signal are configurable. Contrary to the URL for the file, this program should work on all systems, not just NetBSD.
http://kludge.psc.edu/~ksulliva/netbsd/lumberjack.man.html
System log Colorizer prints out some useful information by filtering and colorizing syslog files. It allows you to read a file, a FIFO, or from stdin, and print out only interesting data. The script colorizes each part of a log line (date, host, process, PID, and message), allows processes to have different colors, and can highlight words in a specific color. It can also use a Perl regex for syntax colorization for variable parts of messages. It filters messages (globally or by host) on process name or/and a regex on the message.
loco is a Perl script which gives the messages file (usually /var/log/messages) some color, so the output is easier to read. It uses a Perl module called Term::ANSIColor to produce the colors. The Perl script is very readable and customizable.
colorize.pl is a Perl script to colorize your system, Squid, Apache, oops, xfer, and many other logs with file, version, address, URL, email, user, service, etc. catch routines. HTML output support with "valid" HTML and CSS code is available.
logcoloriser (Console/Log Analyzers)
Syslog log colourising Perl script
Jul 31st 1999, 22:12
stable: 1.0.2 - devel: none - license: GPL
Copyright © 1996-2008 by Dr. Nikolai Bezroukov. www.softpanorama.org was created as a service to the UN Sustainable Development Networking Programme (SDNP) in the author's free time. This document is an industrial compilation designed and created exclusively for educational use and is placed under the copyright of the Open Content License (OPL). Original materials copyright belong to respective owners. Quotes are made for educational purposes only in compliance with the fair use doctrine.
Standard disclaimer: The statements, views and opinions presented on this web page are those of the author and are not endorsed by, nor do they necessarily reflect, the opinions of the author's present and former employers, SDNP or any other organization the author may be associated with. We do not warrant the correctness of the information provided or its fitness for any purpose.
Last modified: June 05, 2008