2017 © Pedro Peláez
 

library logfilter

a cli app for filtering web server access logs

image

tmf/logfilter

a cli app for filtering web server access logs

  • Tuesday, March 24, 2015
  • by tmf
  • Repository
  • 1 Watchers
  • 0 Stars
  • 0 Installations
  • PHP
  • 0 Dependents
  • 0 Suggesters
  • 0 Forks
  • 0 Open issues
  • 3 Versions
  • 0 % Grown

The README.md

Logfilter is PHP CLI application which consumes log entries from a web server's access log. Each log entry is then processed in a filter chain implemented with the Symfony EventDispatcher component, where you can add your own filter's with a container service definition (config.yml). The idea is that log entries can be passed along the filter chain (or withheld). Each filter (an EventListener) can also influence the propagation of the logentries or dispatch new events (like banning a host)., (*1)

Usage

  1. Configure the filter chain with config.yml: declare your EventListener's as Services, order by inverse with priority parameter in the tag. ```yaml` tmf.logfilter.endpoint: class: Tmf\LogFilter\Filter\EndPointFilter arguments: endpoints: - "\/endpoint" tags: - { priority: 10, name: kernel.event_listener, event: logfilter.process, method: onProcess }, (*2)

    tmf.logfilter.requestabuse: class: Tmf\LogFilter\Filter\RequestAbuseFilter arguments: window: 5 maxHits: 3 eventDispatcher: @event_dispatcher tags: - { priority: 9, name: kernel.event_listener, event: logfilter.process, method: onProcess } - { name: kernel.event_listener, event: logfilter.report, method: onReport } - { name: kernel.event_listener, event: logfilter.ban_host, method: onBanHost }, (*3)

    tmf.logfilter.getparameter: class: Tmf\LogFilter\Filter\GetParameterCounter arguments: getParameter: "param" tags: - { priority: 8, name: kernel.event_listener, event: logfilter.process, method: onProcess } - { name: kernel.event_listener, event: logfilter.report, method: onReport } - { name: kernel.event_listener, event: logfilter.ban_host, method: onBanHost }, (*4)

    ```, (*5)

  2. Run the logfilter with, (*6)

    ./bin/logfilter -c config.yml access.log
    

Extend

You can tie in your own filters (like a UserAgent filter, or a Datacenter IP-Block filter). EventListeners will receive a LogEntriesEvent event, whenever a 'logfilter.process' or 'logfilter.ban_host' event is dispatched. The LogEntriesEvent can have one or multiple LogEntry objects (multiple: when log entries are withheld), (*7)

Todo

  • use console output for reports
  • cleanup

The Versions

24/03 2015
24/03 2015
23/03 2015

dev-logfilereader

dev-logfilereader

a cli app for filtering web server access logs

  Sources   Download

MIT

The Requires

 

by Tom Forrer