Log Parser

A log parsing and analysis tool for security operations and DevOps.

Features

• Multi-format Support - nginx, apache, syslog, application logs
• Auto-detection - Automatically detect log format
• Key Extraction - Extract IPs, timestamps, error codes, URLs
• Filtering - Filter logs by IP, status code, time range
• Statistics - Generate summary reports
• Error Detection - Identify and highlight error entries

Usage

python3 skills/log-parser/scripts/log_parser.py <action> [options]

Actions

Options

Supported Log Formats

nginx

192.168.1.1 - - [22/Mar/2026:14:00:00 +0800] "GET /api/test HTTP/1.1" 200 1234

apache

192.168.1.1 - - [22/Mar/2026:14:00:00 +0800] "GET /api/test HTTP/1.1" 200 1234

syslog

Mar 22 14:00:00 server sshd[12345]: Failed password for root from 192.168.1.1

application logs (JSON)

{"timestamp": "2026-03-22T14:00:00Z", "level": "ERROR", "message": "..."}

Examples

# Parse log file
python3 skills/log-parser/scripts/log_parser.py parse --file /var/log/nginx/access.log

# Generate statistics
python3 skills/log-parser/scripts/log_parser.py stats --file /var/log/nginx/access.log

# Filter by IP
python3 skills/log-parser/scripts/log_parser.py filter --file /var/log/nginx/access.log --filter-ip 192.168.1.1

# Get top 10 IPs
python3 skills/log-parser/scripts/log_parser.py top --file /var/log/nginx/access.log --top-field ip --limit 10

# Extract errors
python3 skills/log-parser/scripts/log_parser.py errors --file /var/log/nginx/access.log

Use Cases

1. Security Analysis - Identify suspicious IPs, failed logins
2. Performance Monitoring - Find slow requests, errors
3. Traffic Analysis - Top URLs, user agents
4. Debugging - Extract error entries quickly

Output Format

All results are returned in JSON format:

{
  "success": true,
  "total": 1000,
  "parsed": 998,
  "entries": [...],
  "stats": {...}
}

Current Status

In development.