Logatory 0.2.0

@T0nd3 T0nd3 released this 22 May 15:47
· 85 commits to master since this release

First PyPI release of Logatory — a local-first log analysis tool.

Logatory reads logs from files, stdin or OpenSearch, redacts PII directly after parsing, detects threats with a rule engine, tracks recurring errors, flags statistical anomalies, and explains findings with a local or cloud LLM — through a CLI, a web dashboard and a REST API. No log data leaves the machine by default.

This is an early alpha release. The 0.x line is functional and tested (577 tests, CI on Linux/Windows/macOS, Python 3.11/3.12), but rule formats and APIs may still change.

Install

pip install logatory          # core
pip install 'logatory[web]'   # + web dashboard

Requires Python 3.11+.

Highlights

  • Format auto-detection — syslog, Nginx, JSON Lines, Windows EVTX, plaintext
  • PII redaction right after parsing — deterministic pseudonymisation, nothing downstream sees raw PII
  • Rule engine — native YAML rules plus Sigma rule import
  • Error tracking — fingerprint-based deduplication; LLM explanations include the full stack trace
  • Anomaly detection — statistical Z-score baseline
  • LLM layer — Ollama (local) by default; optional Claude / OpenAI-compatible providers
  • Web dashboard (FastAPI + HTMX) with a sortable Top Rules panel, plus a Bearer-authenticated REST API
  • Plugin system for custom rules and PII patterns
  • Pipe Docker logs straight in — no aggregation stack required: docker compose logs | logatory scan -

Licensed under Apache-2.0.