
Log Analyzer

Analyze server logs for error patterns, IP frequency, time-based analysis, and alert generation. Use when a user needs log file analysis, error pattern detec...
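Analyzes server logs to identify error patterns, IP frequency, and time-based patterns, and generates alerts. Suitable for log file analysis and error pattern detection.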
laolaoqi (laolaoqi) · Source
Uncategorized · clawhub · v1.0.0 · 1 version · 100000 · Key: not required

Overview

Log Analyzer

Script

scripts/log-analyzer.sh — the single entry point for all analyses.

The script is self-contained, works on any Linux system with standard tools (grep, awk, sort, uniq), and handles both file and piped input.

Quick Start

Analyze /var/log/syslog with all checks:

bash scripts/log-analyzer.sh -f /var/log/syslog --all

Or pipe logs directly:

journalctl -u nginx --since "24 hours ago" | bash scripts/log-analyzer.sh --all

Options

| Option | Description |
|---|---|
| -f | Log file to analyze (use - for stdin) |
| -p | Custom error pattern (default: error/i, fail/i, warn/i, critical/i, exception) |
| -t | Time window in hours (default: 24) |
| --errors | Find top error messages and their frequency |
| --time-analysis | Group errors by time period (hourly/daily) |
| --ips | Analyze IP frequency from log entries |
| --spikes | Identify unusual patterns and spikes |
| --all | Run all analyses (default if no option given) |
| --help | Show this help message |

Analysis Modules

Error Patterns (--errors)

Scans for the configured error patterns, groups matching messages, sorts them by frequency, and shows the most common error messages.

Time-based Analysis (--time-analysis)

Groups errors into hourly and daily buckets to show when issues occur most frequently.

IP Frequency (--ips)

Extracts IPv4 addresses from log entries, counts occurrences, and shows the top sources.

Spike Detection (--spikes)

Compares error counts per time bucket against the average. Flags buckets that exceed 2x the average as potential anomalies.
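
The check described above, written out as an added example; it is not the project's scripts/log-analyzer.sh, whose source is not shown on this page. The function names detect_spikes and sample_log are hypothetical, and the example assumes hourly buckets keyed on RFC 3164 timestamps, case-insensitive matching of all default patterns, and a mean taken over the hours that contain at least one match.

```shell
#!/usr/bin/env bash
# Added example, not the project's scripts/log-analyzer.sh.
# detect_spikes [pattern] [factor]: reads RFC 3164 syslog lines on stdin,
# counts pattern matches per hour, and prints "bucket<TAB>count<TAB>mean"
# for each hour whose count exceeds factor x the mean over observed hours.
detect_spikes() {
  local pattern="${1:-error|fail|warn|critical|exception}"
  local factor="${2:-2}"
  grep -Ei -- "$pattern" |
  awk -v factor="$factor" '
    # "Mon DD HH:MM:SS host ..." -> hourly bucket key "Mon DD HH:00"
    $3 ~ /^[0-9][0-9]:[0-9][0-9]:[0-9][0-9]$/ {
      key = sprintf("%s %2s %s:00", $1, $2, substr($3, 1, 2))
      if (!(key in count)) order[++n] = key   # remember first-seen order
      count[key]++; total++
    }
    END {
      if (n == 0) exit 0                      # no matching lines at all
      mean = total / n                        # hours with zero matches are not counted
      for (i = 1; i <= n; i++)
        if (count[order[i]] > factor * mean)
          printf "%s\t%d\t%.2f\n", order[i], count[order[i]], mean
    }'
}

# Constructed sample input: one error per hour from 09 to 12, then nine
# failed logins at 13:xx from a documentation-range address.
sample_log() {
  local h i
  for h in 09 10 11 12; do
    printf 'May 21 %s:05:00 web1 app[100]: ERROR db timeout\n' "$h"
    printf 'May 21 %s:06:00 web1 app[100]: INFO request served\n' "$h"
  done
  for i in 1 2 3 4 5 6 7 8 9; do
    printf 'May 21 13:%02d:00 web1 sshd[200]: Failed password for admin from 192.0.2.10\n' "$i"
  done
}
```

Because the spike is itself part of the mean, at least three observed buckets are needed before any bucket can exceed 2x the mean. On short windows, compare against a baseline taken from an earlier period instead.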

Common Findings & Recommendations

  • Repeated errors from the same source: Check application/service health; consider rate limiting or restart
  • Time-based spikes: Correlate with cron jobs, deployments, or traffic patterns at the flagged times
  • High-frequency IPs: Could indicate brute-force attempts, scrapers, or DDoS — consider firewall rules or fail2ban
  • New error patterns appearing: Recent changes or deployments may have introduced regressions
  • Sudden increase in warnings: Often precedes critical failures — investigate proactively

Notes

  • Piped input reads from stdin; use -f - explicitly when piping
  • For large log files (>100MB), consider reducing the time window with -t or pre-filtering with grep
  • Time-based analysis expects standard syslog date formats (RFC 3164 or RFC 5424); custom formats may need adjustment
  • IP detection uses a standard IPv4 regex — IPv6 is not currently supported
  • Works without root for user-owned log files; system logs may require sudo

Version History

1 version in total

  • v1.0.0 (current)
    2026-05-21 15:09 · Safe · Safe

Security Scan

Tencent Cloud Security (Keen)

Safe, no risk

Tencent Cloud Security (Sanbu)

Safe, no risk
