From 0c26eadee100c29962dbcfb7111693ee7f916074 Mon Sep 17 00:00:00 2001 From: Andrew Lorimer Date: Sun, 17 Mar 2019 20:12:06 +1100 Subject: [PATCH 1/1] add readme --- readme.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100644 readme.md diff --git a/readme.md b/readme.md new file mode 100644 index 0000000..5130bc9 --- /dev/null +++ b/readme.md @@ -0,0 +1,24 @@ +# logparse + +(![source](https://git.lorimer.id.au/logparse.git/)) // written by ![Andrew Lorimer](https://lorimer.id.au) + +This is a utility to analyse medium-term logs (up to around 30 days old) on servers. It summarises notable events and statistics reported from several programs. At the moment, logparse can interface with: + +- sshd (number of logins, list users & clients) +- sudo (number of sessions, users, commands) +- cron (list commands) +- ![nameget](https://git.lorimer.id.au/scripts.git/tree/nameget.sh) (list successful/failed downloads) +- apache (list requests, clients, user agents, bytes transferred, errors) +- smbd (number of logins, list users & clients) +- postfix (list recipients and bytes sent) +- zfs (srub data, usage data) +- lmsensors (system, CPU, per-core, per-disk) +- du (specify paths to show usage and change since last analysis) + +Support for further services and custom scripts is planned. + +logparse is also integrated with systemd logrotate to optionally rotate logs only after they have been summarised, and the user may choose to get an email (requires postfix) or a static HTML page with the log summary. As an added feature, IP addresses from ssh/samba/apache may be resolved to either hostnames or FQDNs. + +Configuration is through the file `/etc/logparse.conf`, in yaml format. + +Note that logparse must be run as root (preferably as a cron job). This is required for temperature reading and for writing to `/var/log/`. -- 2.47.0
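Review bot: The closing note that "logparse must be run as root" gives only two reasons (temperature reading and writing to `/var/log/`), yet the same process also parses remotely influenced fields listed earlier in the readme (apache user agents and clients, sshd users and clients) and renders them into an email or a static HTML page. The readme should say which steps actually need root and whether those fields are escaped before they reach the HTML output, so an operator can judge the exposure of running it from root's crontab. Smaller points in the same hunk: the three links use image syntax (`![source](...)`, `![Andrew Lorimer](...)`, `![nameget](...)`), which renders as an embedded image instead of a link, so drop the leading `!`; the outer parentheses around the source link look unintended; and "srub data" in the zfs item should read "scrub data".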