ぼけーっとネットで調べ物してたところ、ログの簡単な集計・分析用のコマンド『petit』なるものを見かけたので、ちょっと試してみた。 Debian/Ubuntu系であればaptから、RHEL系であればrpmファイルを指定してyumからインストールできるようだ。
bash
sudo apt install petit # Debian/Ubuntu系の場合
yum install -y http://crunchtools.com/wp-content/files/petit/petit-current.rpm # RHEL系の場合
インストールができたら、以下のようにコマンドを実行することでログを集計することができる。
bash
petit --hash LogPath
shell[root@BS-PUB-CENT7-01 ~]# petit --hash /var/log/messages 638: systemd: Created slice user-#.slice. 638: systemd: Removed slice user-#.slice. 638: systemd: Starting user-#.slice. 638: systemd: Stopping user-#.slice. 490: systemd: Started Session # of user apache. 490: systemd: Starting Session # of user apache. 149: systemd-logind: Removed session #. 92: systemd-logind: New session # of user test. 92: systemd: Started Session # of user test. 92: systemd: Starting Session # of user test. 72: systemd: Started Session # of user root. 72: systemd: Starting Session # of user root. 56: systemd-logind: New session # of user test#. 56: systemd: Started Session # of user test#. 56: systemd: Starting Session # of user test#. 4: su: (to test) root on pts/# 3: Started Cleanup of Temporary Directories. 3: Starting Cleanup of Temporary Directories... 2: New session 4573 of user root. 1: [origin software="rsyslogd" swVersion="7.4.7" x-pid="981" x-info="http://www.rsyslog.com"] rsyslogd was HUPed 1: Installed: 1:cups-libs-1.6.3-26.el7.x86_64 1: Installed: atk-2.14.0-1.el7.x86_64 1: Installed: gdk-pixbuf2-2.31.6-3.el7.x86_64 1: Installed: gtk2-2.24.28-8.el7.x86_64 1: Installed: hicolor-icon-theme-0.12-7.el7.noarch 1: Installed: jasper-libs-1.900.1-30.el7_3.x86_64 1: Installed: jbigkit-libs-2.0-11.el7.x86_64 1: Installed: libXcomposite-0.4.4-4.1.el7.x86_64 1: Installed: libXcursor-1.1.14-2.1.el7.x86_64 1: Installed: libXi-1.7.4-2.el7.x86_64 1: Installed: libXinerama-1.1.3-2.1.el7.x86_64 1: Installed: libXrandr-1.4.2-2.el7.x86_64 1: Installed: libtiff-4.0.3-27.el7_3.x86_64 1: Installed: openssh-askpass-6.6.1p1-35.el7_3.x86_64 1: Installed: petit-1.1.1-1.i386
色々とオプションがあるようだ。キーワードの頻出なんかもある様子(grepやawk組み合わせれば同様の事できるが)。 以下、helpの出力結果。
shell[root@BS-PUB-CENT7-01 ~]# petit --help Usage: petit [options] [file] Options: -h, --help show this help message and exit -v, --verbose Show verbose output --sample Show sample output for small numbered entries --nosample Do not sample output for low count entries --allsample Show samples instead of munged text for all entries --filter Use filter files during processing --nofilter Do not use filter files during processing --wide Use wider graph characters --tick==TICK Change tick character from default --fingerprint Use fingerprinting to remove certain patterns -V, --version Show verbose output --hash Show hashes of log files with numbers removed --wordcount Show word count for given word --daemon show a report of entries from each daemon --host show a report of entries from each host --sgraph show graph of first 60 seconds --mgraph show graph of first 60 minutes --hgraph show graph of first 24 hours --dgraph show graph of first 31 days --mograph show graph of first 12 months --ygraph show graph of first 10 years
ちょっとした集計処理なんかに悪くなさそう。
