LogPP - Log PreProcessor

Introduction

Logpp is a tool for preprocessing event logs and feeding relevant information to other programs for storing or in-depth analysis. During its work, logpp reads lines appended to input files (like tail(1) in -f mode), matches the lines with patterns (e.g., regular expressions), converts matching lines according to given templates, and writes the results to given destinations. Logpp supports multi-line matching and several types of output destinations like regular files, FIFOs, external programs, and the system logger. Therefore, logpp can act as a filter in front of the more complex event log analysis system and increase the system's performance by weeding out irrelevant log data; it can work as a syslog gateway between the system logger and the application that doesn't use syslog(3); it can convert multi-line log messages to shorter single line messages, and accomplish other log preprocessing tasks.

Platform info

Logpp is written in C and has been tested mainly on Linux, but should work on most modern UNIX platforms.

Documentation

For more information, read the man page.

Availability

Logpp is licensed under the terms of GNU GPL and can be downloaded from SourceForge.

Author

Risto Vaarandi (ristov at users d0t s0urcef0rge d0t net)
Get Log PreProcessor at SourceForge.net. Fast, secure and Free Open Source software downloads