Metadata-Version: 2.1
Name: loganalyst
Version: 1.0.11
Summary: Analyse some log files
Home-page: https://github.com/fdev31/loganalyst
License: MIT
Author: fdev31
Author-email: fdev31@gmail.com
Requires-Python: >=3.8
Classifier: Development Status :: 4 - Beta
Classifier: Environment :: Console
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.1
Classifier: Programming Language :: Python :: 3.10
Classifier: Programming Language :: Python :: 3.2
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.8
Classifier: Programming Language :: Python :: 3.9
Requires-Dist: pydantic (>=1.9.2,<2.0.0)
Requires-Dist: python-dateutil (>=2.8.2,<3.0.0)
Requires-Dist: termcolor (>=1.1.0,<2.0.0)
Requires-Dist: tomli (>=2.0.1,<3.0.0)
Description-Content-Type: text/markdown

# Log analyst

## Features

- parses log files
- filters by date / timestamp
- correlates log lines (start and end of some processing)
   - shows total duration
- friendly colored output
- can output short summaries
- "folding" lines
   - keeps lines that do not match an ISO timestamp attached to the matching ones
- supports gzipped files
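
The folding and start/end correlation listed above, sketched as an added example (not loganalyst's own code or rule format). The regexes, function names and sample lines are assumptions constructed for illustration.

```python
import re
from datetime import datetime

# Constructed sample in `journalctl -o short-iso` style; not real log data.
SAMPLE = """\
2023-01-05T10:00:00+0100 host backup[812]: Starting backup job
2023-01-05T10:00:02+0100 host backup[812]: Traceback (most recent call last):
  File "backup.py", line 12, in <module>
    warn("slow disk")
2023-01-05T10:00:07+0100 host backup[812]: Finished backup job
2023-01-05T10:05:00+0100 host backup[812]: Starting backup job
"""

ISO_RE = re.compile(r"^(\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}[+-]\d{2}:?\d{2})\s+(.*)$")

def parse_ts(text):
    return datetime.strptime(text, "%Y-%m-%dT%H:%M:%S%z")

def fold(lines):
    """Group lines into (timestamp, message, extra_lines); untimestamped lines fold into the previous entry."""
    entries = []
    for line in lines:
        m = ISO_RE.match(line)
        if m:
            entries.append((parse_ts(m.group(1)), m.group(2), []))
        elif entries:  # continuation line (e.g. a traceback) stays with its parent
            entries[-1][2].append(line)
    return entries

def correlate(entries, start_re, end_re, begin=None, end=None):
    """Pair each start match with the next end match; return (durations_in_seconds, unfinished_count)."""
    durations, open_starts = [], []
    for ts, msg, _extra in entries:
        if (begin and ts < begin) or (end and ts > end):
            continue  # outside the requested date window
        if re.search(start_re, msg):
            open_starts.append(ts)
        elif re.search(end_re, msg) and open_starts:
            durations.append((ts - open_starts.pop(0)).total_seconds())
    return durations, len(open_starts)

if __name__ == "__main__":
    entries = fold(SAMPLE.splitlines())
    print(correlate(entries, r"Starting backup job", r"Finished backup job"))
```

A start line with no matching end is reported as unfinished rather than dropped, which is the case worth checking when a job hangs or is killed.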

## Usage

```
usage: loga [-h] [-x | --extra | --no-extra] [-s | --summary | --no-summary] [-n | --nolog | --no-nolog] [-m | --max | --no-max] [-b DATE] [-e DATE] TOML_FILE LOG_FILE

Parse some logs.

positional arguments:
  TOML_FILE             correlation rules to use
  LOG_FILE              (possibly gzipped) log file

options:
  -h, --help            show this help message and exit
  -x, --extra, --no-extra
                        show extra log lines (not matched by iso_regex) (default: False)
  -s, --summary, --no-summary
                        show summary (default: False)
  -n, --nolog, --no-nolog
                        don't show log (default: False)
  -m, --max, --no-max   show max durations (default: False)
  -b DATE, --begin DATE
                        start from a date
  -e DATE, --end DATE   stop to a date
```

For instance, with systemd logs:

```
journalctl -b 5 -o short-iso | loga -s correlators/sample.toml -
```

## Sample correlation


*Note*: the "loganalyst" section holds configuration and is optional; use it only when you need to override values.

Use the documented correlation file in [correlators/sample.toml](https://github.com/fdev31/loganalyst/blob/main/correlators/sample.toml). You can also [download the file](https://raw.githubusercontent.com/fdev31/loganalyst/main/correlators/sample.toml).

