Linuxでログを集計できる『petit』コマンドを使ってみる

ぼけーっとネットで調べ物してたところ、ログの簡単な集計・分析用のコマンド『petit』なるものを見かけたので、ちょっと試してみた。 Debian/Ubuntu系であればaptから、RHEL系であればrpmファイルを指定してyumからインストールできるようだ。

sudo apt install petit # Debian/Ubuntu系の場合
yum install -y http://crunchtools.com/wp-content/files/petit/petit-current.rpm # RHEL系の場合

インストールができたら、以下のようにコマンドを実行することでログを集計することができる。

petit --hash LogPath
[root@BS-PUB-CENT7-01 ~]# petit --hash /var/log/messages
638: systemd: Created slice user-#.slice.
638: systemd: Removed slice user-#.slice.
638: systemd: Starting user-#.slice.
638: systemd: Stopping user-#.slice.
490: systemd: Started Session # of user apache.
490: systemd: Starting Session # of user apache.
149: systemd-logind: Removed session #.
92: systemd-logind: New session # of user test.
92: systemd: Started Session # of user test.
92: systemd: Starting Session # of user test.
72: systemd: Started Session # of user root.
72: systemd: Starting Session # of user root.
56: systemd-logind: New session # of user test#.
56: systemd: Started Session # of user test#.
56: systemd: Starting Session # of user test#.
4: su: (to test) root on pts/#
3: Started Cleanup of Temporary Directories.
3: Starting Cleanup of Temporary Directories...
2: New session 4573 of user root.
1: [origin software="rsyslogd" swVersion="7.4.7" x-pid="981" x-info="http://www.rsyslog.com"] rsyslogd was HUPed
1: Installed: 1:cups-libs-1.6.3-26.el7.x86_64
1: Installed: atk-2.14.0-1.el7.x86_64
1: Installed: gdk-pixbuf2-2.31.6-3.el7.x86_64
1: Installed: gtk2-2.24.28-8.el7.x86_64
1: Installed: hicolor-icon-theme-0.12-7.el7.noarch
1: Installed: jasper-libs-1.900.1-30.el7_3.x86_64
1: Installed: jbigkit-libs-2.0-11.el7.x86_64
1: Installed: libXcomposite-0.4.4-4.1.el7.x86_64
1: Installed: libXcursor-1.1.14-2.1.el7.x86_64
1: Installed: libXi-1.7.4-2.el7.x86_64
1: Installed: libXinerama-1.1.3-2.1.el7.x86_64
1: Installed: libXrandr-1.4.2-2.el7.x86_64
1: Installed: libtiff-4.0.3-27.el7_3.x86_64
1: Installed: openssh-askpass-6.6.1p1-35.el7_3.x86_64
1: Installed: petit-1.1.1-1.i386

色々とオプションがあるようだ。キーワードの頻出なんかもある様子(grepやawk組み合わせれば同様の事できるが)。 以下、helpの出力結果。

[root@BS-PUB-CENT7-01 ~]# petit --help
Usage: petit [options] [file]

Options:
  -h, --help     show this help message and exit
  -v, --verbose  Show verbose output
  --sample       Show sample output for small numbered entries
  --nosample     Do not sample output for low count entries
  --allsample    Show samples instead of munged text for all entries
  --filter       Use filter files during processing
  --nofilter     Do not use filter files during processing
  --wide         Use wider graph characters
  --tick==TICK   Change tick character from default
  --fingerprint  Use fingerprinting to remove certain patterns
  -V, --version  Show verbose output
  --hash         Show hashes of log files with numbers removed
  --wordcount    Show word count for given word
  --daemon       show a report of entries from each daemon
  --host         show a report of entries from each host
  --sgraph       show graph of first 60 seconds
  --mgraph       show graph of first 60 minutes
  --hgraph       show graph of first 24 hours
  --dgraph       show graph of first 31 days
  --mograph      show graph of first 12 months
  --ygraph       show graph of first 10 years

ちょっとした集計処理なんかに悪くなさそう。