Public | Automated Build

Last pushed: a year ago
Short Description
log file analyser
Full Description

#!/usr/bin/env perl

use strict;
use warnings;

PODNAME: saftpresse

ABSTRACT: a modular and configurable logfile analyzer


=head1 Synopsis

usage: bin/saftpresse
[--config|-c <file>]
[--log-level|-l <level>]

=head1 Description

Saftpresse is a modular log file analyzer written perl.

It features plugin architecture for

=head2 Inputs

For reading events from multiple sources.


=item LLog::Saftpresse::Input::Stdin

Reads log lines from STDIN.

=item LLog::Saftpresse::Input::FileTail

Will read all new lines from a file like tail(1) does.

=item LLog::Saftpresse::Input::Server

Line based TCP server. (eg. for syslog)

=item LLog::Saftpresse::Input::RELP

A TCP server implmenting the RELP protocol.

=item LLog::Saftpresse::Input::Redis

Will read events from a redis queue.

=item LLog::Saftpresse::Input::Lumberjack

A server implementing the lumberjack protocol v1/v2
used by logstash and beats.

=item LLog::Saftpresse::Input::Command

A input reading output of a command.

=item LLog::Saftpresse::Input::Journald

Read events from systemd journal.


=head2 Plugins

For processing of events.

Plugins are able to convert or alter events.
They can add additional information like dns lookup or geo-locations.
They can also create relationships between events.
For example measure the time between the connect and disconnect of a client.

A counter api could be used to meter events and their content.


=item LLog::Saftpresse::Plugin::Amavis

Plugin for amavisd-new log output.

=item LLog::Saftpresse::Plugin::Apache

Plugin for apache httpd log output.

=item LLog::Saftpresse::Plugin::GeoIP

Plugin for looking up ip in GeoIP database.

=item LLog::Saftpresse::Plugin::GraphitLineFormat

Plugin for parsing graphit line format messages.

=item LLog::Saftpresse::Plugin::LinuxNetfilter

Plugin for parsing output of linux netfilters LOG target.

=item LLog::Saftpresse::Plugin::Postfix

Plugin for parsing postfix mail logs based on pflogsumm.

=item LLog::Saftpresse::Plugin::PostfixGeoStats

Plugin to add geoip information to postfix events.

=item LLog::Saftpresse::Plugin::Syslog

Plugin to parse syslog network line format.

=item LLog::Saftpresse::Plugin::SyslogFile

Plugin to parse syslog file format. (/var/log/...)


=head2 Outputs

Multiple outputs can be defined for storing of events.


=item LLog::Saftpresse::Output::Elasticsearch

Write events to an elasticsearch server.

=item LLog::Saftpresse::Output::Graphite

Write graphit events to an carbon line reciever.

=item LLog::Saftpresse::Output::JSON

Dump events in JSON format.

=item LLog::Saftpresse::Output::Redis

Write events to a redis queue.


=head2 Counter Outputs

Multiple outputs can be defined for storing of counter data.


=item LLog::Saftpresse::CountersOutput::Dump

Dumper metric data.

=item LLog::Saftpresse::CountersOutput::Graphite

Write metrics to a carbon line reciever.


=head1 Architecture

The saftpresse engine is currently designed as a single process
using non-blocking IO.


use Log::Saftpresse::App;

my $app = Log::Saftpresse::App->new;


Docker Pull Command
Source Repository