CLI application to group Apache access logs into human readbable format.
angela
19dd8177b1
Config option added
|
5 years ago | |
|---|---|---|
| classes | 5 years ago | |
| controller | 5 years ago | |
| img | 5 years ago | |
| logs | 5 years ago | |
| model | 5 years ago | |
| view | 5 years ago | |
| LICENSE | 5 years ago | |
| README.md | 5 years ago | |
| logparse | 5 years ago |
README.md
Apache Access Log Viewer
Quick and simple PHP-based CLI application that generates human readable Apache access logs, compiled into data groups:
- Potentially Malicious
- IP Addresses
- Page/File Accessed
- Protocol
- HTTP Response (Success or Error)
- Referrer
- User Agent
Requirements
- Read permission to the directory where your log(s) reside
- PHP-CLI (7.2+) May work in older versions of PHP, but only tested in 7.2)
- Rotate your logs regularly, or this script may gobble your server's resources
Install PHP-CLI on Debian/Ubuntu:
apt install php7.2-cli
CentOS/RHEL:
yum install php-cli
To use
Clone the repo
git clone https://github.com/angela-d/php-logparse.git && cd php-logparse
After cloning the repo, you can test the script with a sample log, by going into the directory where logparse resides and running:
php logparse list
to out put a list of logs available. Look for your access_log and make note of the numeric key beside it, and run:
php logparse 0
(replace 0 for the key of your access_log)
Set your log directory
classes/logparser.php has the application's configuration settings.
Things to consider
- This is not a malware or exploit detection scanner. Although there is detection for common script-kiddie exploits, it's by no means comprehensive.
- It was built with Apache's access log in mind. If you wish to use it for other logs, you'll want to modify the regex of View to suit.
- This script is beta; there's no error checking to ensure you entered an existing key and it will scan the full log directory specified. In future versions I plan to add greater functionality - but for now, it assumes you know your way around.