Laggregato stands for "Log Aggregator". It parses a given log file and aggregates lines based on the given fields for jointure. The output format is a CSV file with ; as the delimiter.
For example, it can be used for firewall traffic log analysis (the initial purpose of this tool).
Log fields format must be key=value or key="va lue"
- An input log file formatted with key=value or key="va lue"
- A working Python environment, or a Windows OS using the Windows binary file laggregato_0.3.zip.
laggregato.exe -h
laggregato.exe --help
laggregato.exe -i <input_log_file> -o <output_csv_file> -j <jointures list> [-f <filters>]
-i, --ifile
Path of the input log file. The input log file must be readable and in text format.
-o, --ofile
Path of the output csv file. The output csv file folder must be writable.
-j
List of fields for jointure, in one of the following formats:
srcip
srcip,dstip,action
"srcip","dstip","action"
If the quotes literally appear in the log file, they must be escaped with \ as shown below:
\"Field name here\"
-f
Optional list of patterns. Only logs matching these patterns will be processed.
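The parsing and aggregation described above, as an added example (not Laggregato's own code). It assumes the aggregate is a count per unique combination of the jointure fields and that a filter is a plain substring of the raw line; the function names and sample log lines are constructed for illustration.

```python
import csv
import io
import re
from collections import Counter

# key=value or key="va lue"; a quoted value is consumed whole, so text such as
# action=deny inside it is never parsed as a separate field.
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

# Constructed sample lines (not taken from a real firewall).
SAMPLE_LOG = [
    'srcip=10.0.0.5 dstip=192.0.2.10 action=deny msg="blocked by policy"',
    'srcip=10.0.0.5 dstip=192.0.2.10 action=deny msg="blocked by policy"',
    'srcip=10.0.0.7 dstip=192.0.2.10 action=accept msg="srcip=10.0.0.5 action=deny"',
    'srcip=10.0.0.5 dstip=198.51.100.3 action=accept',
    'dstip=198.51.100.3 action=deny',
]

def parse_line(line):
    """Return the fields of one log line as a dict."""
    return {key: quoted or bare for key, quoted, bare in FIELD_RE.findall(line)}

def aggregate(lines, join_fields, filters=()):
    """Count lines per unique combination of join_fields values."""
    counts = Counter()
    for line in lines:
        # Assumption: a filter is a plain substring of the raw line.
        if not all(pattern in line for pattern in filters):
            continue
        fields = parse_line(line)
        # Skip lines missing a join field instead of grouping them under "".
        if all(name in fields for name in join_fields):
            counts[tuple(fields[name] for name in join_fields)] += 1
    return counts

def to_csv(counts, join_fields):
    """Render the counts as ;-delimited CSV, most frequent combination first."""
    out = io.StringIO()
    writer = csv.writer(out, delimiter=";", lineterminator="\n")
    writer.writerow([*join_fields, "count"])  # "count" column is an assumption
    for key, n in counts.most_common():
        writer.writerow([*key, n])
    return out.getvalue()

if __name__ == "__main__":
    join = ["srcip", "dstip", "action"]
    print(to_csv(aggregate(SAMPLE_LOG, join), join), end="")
```

Because the filter in this example runs on the raw line, a filter of action=deny also keeps the third sample line, whose quoted msg contains that text; its parsed action is still accept.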
- Improve readme file
- Specify the input log format. For now, only logs formatted with key=value or key="va lue" are supported.
- Create an exclusion list for filtering patterns
- Sylvain Benech - Initial work - Chuck182
This project is licensed under the GPL v3 License - see the LICENSE.md file for details
Feel free to contribute to this project.
