Log parsing and analysis

Log files are often treated like the unwanted by-product of IT activity, sitting somewhere in a dark corner of a computer system, examined only occasionally, usually in the case of after-the-fact reactive problem solving.

I centralize all my system and network logs on a big syslog server, but I use those records only for forensics (grep, sed and awk look sufficient).

1) Using ‘LIRE’

LIRE looks like the most relevant tool that I can use here:

Generating a Report With lr_log2report

This is the way to generate a report in the text output format for a log file taken from an Apache™ log server.

$ lr_log2report combined /var/log/apache/access_log ~/report

An output format other than the default (usually text) can be selected by using the --output switch with the lr_log2report command.

Generating an HTML Report

To generate an HTML report from the same log file as above, you would use the following command:

$ lr_log2report --output html combined /var/log/apache/access_log apache_report
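
Both commands above tell lr_log2report that the file is in "combined" format, so it is worth confirming that before building a report from centralized logs. The following is an added example, not part of the original post or of LIRE: the function names, the regular expression (an approximation of Apache's combined format) and the sample log lines are all constructed for illustration.

```shell
#!/bin/sh
# Added example: pre-check that a log is in Apache "combined" format before
# handing it to lr_log2report with the "combined" type used on this page.

# A quoted field; Apache backslash-escapes embedded quotes, so allow \x pairs.
Q='"([^"\\]|\\.)*"'
# host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED_RE="^[^ ]+ [^ ]+ [^ ]+ \[[^]]+\] $Q [0-9]{3} ([0-9]+|-) $Q $Q\$"

# Print the number of lines that do NOT match the combined format.
count_non_combined() {
    [ -r "$1" ] || return 2
    # grep -c exits 1 when the count is 0, so mask that status.
    grep -Evc -- "$COMBINED_RE" "$1" || true
}

# Generate the report only when every line parses as combined format.
report_if_combined() {
    log=$1
    out=$2
    bad=$(count_non_combined "$log") || return 2
    if [ "$bad" -ne 0 ]; then
        echo "$bad line(s) in $log are not combined format; no report" >&2
        return 1
    fi
    if command -v lr_log2report >/dev/null 2>&1; then
        # Same invocation form as shown on this page.
        lr_log2report combined "$log" "$out"
    else
        echo "format check passed, but lr_log2report is not installed" >&2
    fi
}

# Constructed sample: two combined lines (one with escaped quotes in the
# user-agent) and one "common" format line lacking referer and user-agent.
write_sample() {
    cat > "$1" <<'EOF'
192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "Mozilla/5.0"
198.51.100.7 - alice [10/Oct/2023:13:55:40 +0000] "POST /login HTTP/1.1" 302 - "http://example.org/" "agent \"quoted\""
192.0.2.10 - - [10/Oct/2023:13:56:01 +0000] "GET /old HTTP/1.0" 404 153
EOF
}
```

A non-zero count usually means the file is in a different log format or was truncated or altered in transit to the syslog server, either of which should be resolved before the report is trusted.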
