skip to navigation
skip to content

logdissect 2.2

Robust CLI syslog forensics tool

Logdissect is a command line tool for analyzing syslog files. It can merge entries from multiple log files and sort by timestamp, and filter the results by time range and other criteria. Results are output to the terminal by default, and can also be output to standard syslog file format, or to a JSON array along with some metadata.

Options

usage: logdissect [-h] [--dest DEST] [--grep PATTERN] [--last LAST]
                  [--process PROCESS] [--protocol PROTOCOL] [--range RANGE]
                  [--rdest RDEST] [--rgrep RPATTERN] [--rprocess RPROCESS]
                  [--rsource RSOURCE] [--source SOURCE] [--outlog OUTLOG]
                  [--label LABEL] [--outjson OUTJSON] [--version] [--verbose]
                  [-s] [--list-parsers] [-p PARSER] [-z] [-t TZONE]
                  [file [file ...]]

positional arguments:
  file                 specify input files

optional arguments:
  -h, --help           show this help message and exit
  --version            show program's version number and exit
  --verbose            set verbose terminal output
  -s                   silence terminal output
  --list-parsers       return a list of available parsers
  -p PARSER            select a parser (default: syslogbsd)
  -z, --unzip          include files compressed with gzip
  -t TZONE             specify timezone offset to UTC (e.g. '+0500')

morph options:
  --dest DEST          match a destination host
  --grep PATTERN       match a pattern
  --last LAST          match a preceeding time period (e.g. 5m/3h/2d/etc)
  --process PROCESS    match a source process
  --protocol PROTOCOL  match a protocol
  --range RANGE        match a time range (YYYYMMDDhhmm-YYYYMMDDhhmm)
  --rdest RDEST        filter out a destination host
  --rgrep RPATTERN     filter out a pattern
  --rprocess RPROCESS  filter out a source process
  --rsource RSOURCE    filter out a source host
  --source SOURCE      match a source host

output options:
  --outlog OUTLOG      set the output file for standard log output
  --label LABEL        set label type for OUTLOG (fname|fpath)
  --outjson OUTJSON    set the output file for JSON output
 
File Type Py Version Uploaded on Size
logdissect-2.2.tar.gz (md5) Source 2017-07-18 17KB