Reputation: 231
Currently I'm using VMware Log Insight to do log analysis. Is there any log analysis tool that can define a search pattern across log entries? E.g. my log looks like this:
2018-03-20T15:44:14.785Z node-92008 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser started
2018-03-20T15:44:14.785Z node-92008 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser` ends with status success
So the action-started log is on one line and the action-ends log is on another line.
Is there any tool where I can define a search pattern, e.g. find each pair of "started" and "ends", to count how many times I did it in the logs?
Thanks a lot.
Upvotes: 0
Views: 77
Reputation: 1
Unomaly is a good tool for log analysis. It's pretty simple: you just have to ingest your logs into Unomaly, and it will tokenize and profile your log data and group the logs with similar profiles. Give it about a week to learn the patterns of behaviour and then it will start identifying what is repetitive and reduce it, only surfacing anything that is unique. You can also make correlations between systems.
Upvotes: 0
Reputation: 12672
Use grep to get the records
grep -E 'vpxuser (started|ends with)' file.log
I'm assuming the backtick in 'vpxuser` ends with' is a typo.
Upvotes: 1
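The grep above returns both kinds of record but does not pair them. As an added example (not part of either answer), this awk function pairs each "started" line with the next "ends with status" line for the same host and user, then counts completed, failed and unmatched password changes. The sample log is constructed from the two lines in the question; the `failure` status value, the extra hosts and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample log, modelled on the two lines quoted in the question.
sample_log() {
cat <<'EOF'
2018-03-20T15:44:14.785Z node-92008 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser started
2018-03-20T15:44:14.790Z node-92008 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser` ends with status success
2018-03-20T15:50:01.101Z node-92009 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser started
2018-03-20T15:50:01.140Z node-92009 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser ends with status failure
2018-03-20T16:02:33.000Z node-92010 Hostd: pam_unix(passwd:chauthtok): password changed for vpxuser started
2018-03-20T16:05:10.000Z node-92011 Hostd: pam_unix(passwd:chauthtok): password changed for root ends with status success
2018-03-20T16:06:00.000Z node-92011 Hostd: unrelated message
EOF
}

# Reads log lines on stdin and prints one summary line.
# Pairing key is host + user, so interleaved events from different hosts
# or accounts are not matched against each other.
pair_password_changes() {
  awk '
    match($0, /password changed for [^ ]+ (started|ends with status [^ ]+)[ \t]*$/) {
      n = split(substr($0, RSTART, RLENGTH), w, " ")
      gsub(/`/, "", w[4])              # tolerate the stray backtick seen in the question
      key = $2 "/" w[4]                # $2 is the host field, w[4] the user name
      if (w[5] == "started") {
        if (pending[key]) unmatched++  # earlier start for this key never ended
        pending[key] = 1
      } else {                         # "ends with status <status>"
        if (pending[key]) {
          pairs++
          pending[key] = 0
          if (w[n] != "success") failed++
        } else {
          orphan_end++                 # end without a preceding start
        }
      }
    }
    END {
      for (k in pending) if (pending[k]) unmatched++
      printf "pairs=%d failed=%d unmatched_start=%d orphan_end=%d\n",
             pairs, failed, unmatched, orphan_end
    }
  '
}

sample_log | pair_password_changes
```

On a real file, run it as `pair_password_changes < file.log`; a start with no end, or an end with no start, is often worth more attention than the completed pairs.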