logtool(1) parse and filter syslog files


(stdout) | logtool -[args]

Logtool is a command line program that will parse logfiles into a more palatable format. It will take anything resembling a syslog or multilog file, as well as unformatted ASCII, and crunch it into one of the following formats for your viewing pleasure:

        ANSI (colorized for easy "at a glance" viewing)
        ASCII (e-mail reports/terminals without color)
        CSV (spreadsheet/database imports)
        HTML (for generating web pages)
        RAW (for no good reason)


-o [ ANSI | ASCII | CSV | HTML | RAW ]
Allows you to specify the output format to be one of the following: ANSI (default), ASCII, CSV, HTML, RAW. Options are not case sensitive (i.e., -o CSV and -o csv should yield the same results).
-t [ long | short ]
Allows you to specify the time display format to be one of the following: (Long [default]) Mon Dy HH:MM:SS or (Short) HH:MM
Causes logtool to beep on RED events (ANSI output only). This is useful when you want to monitor a logfile on an ongoing basis, and wish to have your terminal beep whenever something out of the ordinary happens.
Causes logtool to not display the syslog "source" field
Causes logtool to not display the "program" field
-c [/path/config.file]
Allows you to specify a config file other than the default /etc/logtool/logtool.conf
-i [/path/includefile]
Allows you to specify an alternate file containing regexes for inclusion [default=/etc/logtool/include]
-e [/path/excludefile]
Allows you to specify an alternate file containing regexes for exclusion [default=/etc/logtool/exclude]
Causes logtool to skip any attempts to resolve IP->Hostname by the various modules (handy when your DNS is down temporarily).
Set logtool to operate in verbose mode (does nothing currently)
Causes logtool to print its version information and exit
Display the help message


As a 'live' logfile monitoring tool:
tail -f /var/log/messages | logtool -o ANSI -b
To generate colorized webpages of logfiles:
cat /var/log/messages | logtool -o HTML > /home/httpd/html/logs/messages.html
To generate reports via a cronjob:
retail /var/log/messages | logtool -o ASCII | mail -s "Daily report" [email protected]



The config file should be commented to the point of being self-documenting, so we will not comment very extensively on it here. Suffice to say, this is the place where you should configure 99% of your runtime options for logtool. You may also have a collection of different default configurations, and select amongst them by the '-c' option of logtool.


Logtool is known to compile/run on all UNIX flavors using a 2.95.x GNU C Compiler, the GNU Make utility, and a proper ANSI C library (glibc is recommended, but not required). Specific reports of success include FreeBSD, OpenBSD, Solaris, SunOS, AIX, SCO, and of course, any known flavor of Linux (including at least 2 embedded system variants).


A.L.Lambert <[email protected]>