ABSTRACT: a modular and configurable logfile analyzer
Saftpresse is a modular log file analyzer written perl.
It features plugin architecture for
For reading events from multiple sources.
Reads log lines from STDIN.
Will read all new lines from a file like tail(1) does.
Line based TCP server. (eg. for syslog)
A TCP server implmenting the RELP protocol.
Will read events from a redis queue.
A server implementing the lumberjack protocol v1/v2
used by logstash and beats.
A input reading output of a command.
Read events from systemd journal.
For processing of events.
Plugins are able to convert or alter events.
They can add additional information like dns lookup or geo-locations.
They can also create relationships between events.
For example measure the time between the connect and disconnect of a client.
A counter api could be used to meter events and their content.
Plugin for amavisd-new log output.
Plugin for apache httpd log output.
Plugin for looking up ip in GeoIP database.
Plugin for parsing graphit line format messages.
Plugin for parsing output of linux netfilters LOG target.
Plugin for parsing postfix mail logs based on pflogsumm.
Plugin to add geoip information to postfix events.
Plugin to parse syslog network line format.
Plugin to parse syslog file format. (/var/log/...)
Multiple outputs can be defined for storing of events.
Write events to an elasticsearch server.
Write graphit events to an carbon line reciever.
Dump events in JSON format.
Write events to a redis queue.
=head2 Counter Outputs
Multiple outputs can be defined for storing of counter data.
Dumper metric data.
Write metrics to a carbon line reciever.
The saftpresse engine is currently designed as a single process
using non-blocking IO.
my $app = Log::Saftpresse::App->new;