NAME¶

logtool - parse and filter syslog files

SYNOPSIS¶

(stdout) | logtool -[args]

Logtool is a command line program that will parse logfiles into a more palatable format. It will take anything resembling a syslog or multilog file, as well as unformatted ASCII, and crunch it into one of the following formats for your viewing pleasure:

ANSI (colorized for easy "at a glance" viewing)

ASCII (e-mail reports/term's w/o color)

CSV (spreadsheet/database imports)

HTML (for generating web pages)

RAW (for no good reason)

OPTIONS¶

-o [ ANSI | ASCII | CSV | HTML | RAW ]

Allows you to specify the output format to be one of the following: ANSI (default), ASCII, CSV, HTML, RAW. Options are not case sensitive (ie: -o CSV and -o csv should yield the same results)

-t [ long | short ]

Allows you to specify the time display format to be one of the following: (Long [default]) Mon Dy HH:MM:SS or (Short) HH:MM

-b

Causes logtool to beep on RED events (ANSI output only). This is usefull when you want to monitor a logfile on an ongoing basis, and wish to have your terminal beep whenever something out of the ordinary happens.

-s

Causes logtool to not display the syslog "source" field

-p

Causes logtool to not display the "program" field

-c [/path/config.file]

Allows you to specify a config file other than the default /etc/logtool/logtool.conf

-i [/path/includefile]

Allows you to specify an alterate file containing regex's for inclusion [default=/etc/logtool/include]

-e [/path/excludefile]

Allows you to specify an alternate file containing regex's for exclusion [default=/etc/logtool/exclude]

-n

Causes logtool to skip any attempts to resolve IP->Hostname by the various modules (handy when your DNS is down temporairly).

-v

Set logtool to operate in verbose mode (does nothing currently)

-V

Causes logtool to print it's version information and exit

-h

Display the help message

SUGGESTED USAGE(S)¶

As a 'live' logfile monitoring tool:

tail -f /var/log/messages | logtool -o ANSI -b

To generate colorized webpages of logfiles:

cat /var/log/messages | logtool -o HTML > /home/httpd/html/logs/messages.html

To generate reports via a cronjob:

retail /var/log/messages | logtool -o ASCII | mail -s "Daily report" someuser@somedomain.ext

CONFIG FILE¶

/etc/logtool/logtool.conf

The config file should be commented to the point of being self-documenting, so we will not comment very extensively on it here. Suffice to say, this is the place where you should configure 99% of your runtime options for logtool. You may also have a collection of different default configurations, and select amongst them by the '-c' option of logtool.

AVAILABILITY¶

Logtool is known to compile/run on all UNIX flavors using a 2.95.x GNU C Compiler, the GNU Make utility, and a proper ANSI C library (glibc is recommended, but not required). Specific reports of success include FreeBSD, OpenBSD, Solaris, SunOS, AIX, SCO, and of course, any known flavor of Linux (including at least 2 embedded system variants).

SEE ALSO¶

regex(7) for help with constructing regular expressions for the include/exclude/colors files. If you find no regex manual on your system, try 'apropos regex' and see what you get, or as a last ditch, 'man grep' should at least point you in the right direction.

You can also find a somewhat better bit of documentation in the textfile 'logtool.txt' (usually in the /usr/doc/, /usr/share/doc/ or similar tree on most Linux distributions). If you don't know where to look, you can probably find it by typing 'locate logtool.txt' at the command line.

AUTHOR¶

A.L.Lambert <al@xjack.org>