Page 1 of 1

Access Log Filtering Program?

Posted: Mon Sep 10, 2007 7:48 pm
by JAB Creations
I'm wondering if there is a program out there that will scan an access log and gives the option to delete or keep lines with certain strings? For example if you wanted to view a version of your access log that only contained POST methods, any line that did not contain the string "POST" would be removed from the log.

Posted: Mon Sep 10, 2007 8:38 pm
by VladSun
Is it Linux?

Posted: Mon Sep 10, 2007 8:45 pm
by JAB Creations
XP please.

Posted: Mon Sep 17, 2007 12:49 am
by Mordred
Ya, it's called PHP :)
fopen(), fopen(), fgets(), if (preg_match()) fputs(), fclose(), fclose()

Posted: Mon Sep 17, 2007 3:46 am
by Maugrim_The_Reaper
file_get_contents() ;)

I can't think of a specific tool for XP.

Posted: Mon Sep 17, 2007 5:34 am
by Mordred
Maugrim_The_Reaper wrote:file_get_contents() ;).
For multi-megabyte log files? Not a good idea.

Posted: Mon Sep 17, 2007 11:40 am
by ReverendDexter
you could always get Cygwin, then just pipe the output of a grep to an output file.

Posted: Mon Sep 17, 2007 1:40 pm
by Mordred
Oh, yeah, that is a possibiilty too, there's lots of native win32 ports a well.
http://gnuwin32.sourceforge.net/

Posted: Tue Sep 18, 2007 12:33 pm
by JAB Creations
A clarification: My PHP skills are at best maybe 2.5/10 and I would not claim to know OOP at the moment. Additionally software needs to already be a binary for XP (installer or just extract is fine).

Posted: Tue Sep 18, 2007 1:56 pm
by ReverendDexter
That's the beauty of grep... all you'd have to do is go to your log directory, and do a "grep 'POST' file.log > post_only_log.txt" (double check my syntax, but it should be close), then use your favorite text editor/viewer to read your newly created post_only_log.txt file. And, grep takes regex, so you can make it as specific as you want for which lines go into your filtered log files, no PHP required.

Posted: Tue Sep 18, 2007 2:09 pm
by JAB Creations
http://gnuwin32.sourceforge.net/packages/grep.htm
I found grep / binaries and this isn't obviously simplified. Eventually found the dependencies and after using /? switch I'm getting the message grep: (standard input): not enough space

Posted: Tue Sep 18, 2007 3:05 pm
by ReverendDexter
how exactly are you invoking it? i.e. what's the command you're using?

Posted: Tue Sep 18, 2007 3:12 pm
by JAB Creations
grep /?

Posted: Wed Sep 19, 2007 12:04 pm
by ReverendDexter
oh, <smacks self in forehead>, sorry, my brain didn't parse '/?' at all when I read your post. If you're wanting help using it, I'd just consult the online manual.

Basially it's "grep [options] 'regexstring' location", so "grep -ir 'toast' ." will do an case insenstive search for lines containing "toast" in this directory and recurse through all subdirectories of this one. (-i is case insensitive, -r is recursion).