Presets

log2seq.preset

log2seq.preset is a submodule that provides settings for frequently used log formats.

log2seq.preset.apache_errorlog_parser()

Generate a LogParser for Apache error logs in the default format.

e.g., [Wed Oct 11 14:32:52 2000] [error] [client 127.0.0.1] client denied by server configuration: /export/home/live/ap/htdocs/test
e.g., [Fri Sep 09 10:42:29.902022 2011] [core:error] [pid 35708:tid 4328636416] [client 72.15.99.187] File does not exist: /usr/local/apache2/htdocs/favicon.ico
Returns: LogParser

Reference: Log Files - Apache HTTP Server Version 2.4: https://httpd.apache.org/docs/2.4/en/logs.html

log2seq.preset.default()

Generate a LogParser with default settings.

It consists of default_header_parsers() and default_statement_parser(). Calling init_parser() without any arguments generates the same instance.

Returns: LogParser

log2seq.preset.default_header_parsers()

Generate a list of HeaderParser objects with default settings.

The default header parsers consist of 2 different rules.

  • Rule 1 (designed for syslogd default format)

  • Rule 2 (designed for default asctime format of python logging)

Returns: list of HeaderParser

log2seq.preset.default_statement_parser()

Generate a StatementParser with default settings.

The default parser consists of 4 actions, applied in order.

  1. Split on standard symbols, including white space and parentheses
  2. FixIP to fix IP addresses (including network addresses)
  3. Fix timestamps and MAC addresses
  4. Split on :

Returns: StatementParser
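
The step order above matters because IPv6 addresses, timestamps and MAC addresses all contain ":". The following added example is a simplified stand-alone illustration, not log2seq's own code: the symbol set, the regular expressions, the function names and the sample line are assumptions, and "fixing" a token is taken to mean exempting it from later splits.

```python
import ipaddress
import re

# Assumed symbol set for step 1; log2seq's actual defaults may differ.
STEP1_SPLIT = re.compile(r"""[\s()\[\]{}"',=]+""")
TIME_RE = re.compile(r"\d{2}:\d{2}:\d{2}(\.\d+)?")
MAC_RE = re.compile(r"[0-9A-Fa-f]{2}(:[0-9A-Fa-f]{2}){5}")

# Constructed sample statement (not taken from a real log).
SAMPLE = ("Accepted password for alice from 192.168.0.15 port 22: opened at "
          "14:32:52 (mac=00:1a:2b:3c:4d:5e, gw fe80::1, net 10.0.0.0/8)")


def is_ip(token):
    """True for IPv4/IPv6 addresses and network addresses such as 10.0.0.0/8."""
    try:
        ipaddress.ip_network(token, strict=False)
        return True
    except ValueError:
        return False


def split_statement(statement):
    """Return the words produced by the four-step order described above."""
    # Step 1: split on standard symbols; ':' is deliberately left alone.
    tokens = [t for t in STEP1_SPLIT.split(statement) if t]
    words = []
    for tok in tokens:
        # Steps 2 and 3: a fixed token is exempt from further splitting.
        if is_ip(tok) or TIME_RE.fullmatch(tok) or MAC_RE.fullmatch(tok):
            words.append(tok)
        else:
            # Step 4: only unfixed tokens are split on ':'.
            words.extend(p for p in tok.split(":") if p)
    return words


def naive_split(statement):
    """Counter-example: ':' is split in one pass, with no fix steps."""
    return [t for t in re.split(r"""[\s()\[\]{}"',=:]+""", statement) if t]


if __name__ == "__main__":
    print(split_statement(SAMPLE))
    print(naive_split(SAMPLE))
```

With the fix steps in place, the source address, the MAC address and the IPv6 gateway each survive as a single word that can be matched or correlated; the naive split breaks them into fragments.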