GithubHelp home page GithubHelp logo

elb-logs's Introduction

elb-logs

elb-logs is a cli that makes downloading, parsing and filtering elb logs a cinch.

Installation

requirements
  • python 2.7
  • pip >= 6.0

With virtualenv:

mkvirtualenv elb-logs \
&& pip install \
    --no-cache-dir \
    --upgrade \
    -i https://pypi.python.org/simple \
    git+git://github.com/jstewmon/elb-logs.git@master

Commands

base

options
Usage: elb-logs [OPTIONS] COMMAND [ARGS]...

Options:
  --profile TEXT
  --region TEXT
  --access-key TEXT
  --secret-key TEXT
  --help             Show this message and exit.

Commands:
  download
  filter
  parse

Notes:

  • --profile is expected to be a boto/aws profile
    • It can be used to supply credentials and defaults for any command options.

download

download elb log files from s3

options
Usage: elb-logs download [OPTIONS]

Options:
  --bucket TEXT       [required]
  --time-prefix TEXT  [required]
  --elb TEXT          [required]
  --output-dir TEXT
  --help              Show this message and exit.

Notes:

  • the --output-dir default is $(pwd)/<elb>/<time-prefix>
  • --region is required to be given on the base command

Example with --region, --bucket and --elb provided through boto config:

elb-logs --profile test download --time-prefix 20150613T100

parse

parse the log lines and output json - one document out per line in.

elb-logs parse $(find s3-bucket-name/20150613T100/ -type f)

To sort log entries chronologically:

cat s3-bucket-name/20150613T100/* | sort | elb-logs parse -

Example output (formatted for readability):

{
  "_line": "2015-06-13T10:05:43.471617Z ec2-elb-name 10.1.2.1:43989 10.1.1.1:80 0.000055 0.293759 0.000063 200 200 0 2810 \"GET http://example.com:80/someUrl HTTP/1.1\" \"Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.57 Safari/537.36\" - -\n",
  "backend_processing_time": 0.293759,
  "received_bytes": 0,
  "elb": "ec2-elb-name",
  "timestamp": 1434189943,
  "request": "GET http://example.com:80/someUrl HTTP/1.1",
  "request_processing_time": 0.000055,
  "sent_bytes": 2810,
  "client": {
    "ip": "10.1.2.1",
    "port": 43989
  },
  "backend_status_code": 200,
  "elb_status_code": 200,
  "response_processing_time": 0.000063,
  "_file": "s3-elb-log-bucket/20150613T100/123456789098_elasticloadbalancing_us-west-1_ec2-elb-name_20150613T1005Z_54.0.0.0_G43XknE4.log",
  "backend": {
    "ip": "10.1.1.1",
    "port": 80
  }
}

filter

Filter parsed output using jmespath expressions.

Each line of input is buffered into batches of 1000 items, so that list filters can be used to efficiently filter the output.

The output is always json, but can be any the result of any jmespath projection.

options
Usage: elb-logs filter [OPTIONS] [INPUT_FILES]...

Options:
  --expression TEXT  [required]
  --help             Show this message and exit.

Example of finding all requests with a 5XX status code:

cat s3-bucket-name/20150613T100/* \
    | sort \
    | elb-logs parse - \
    | elb-logs filter --expression '[?elb_status_code > `499`]' -

Configuration

Command options may be provided by a boto profile. This can be very convenient for frequently used option combinations, especially when they coincide with an existing profile.

Example:

$ cat ~/.aws/config
[prod]
aws_access_key_id=XXXXXXXX
aws_secret_access_key=XXXXXX
ELB_LOGS_DOWNLOAD_BUCKET=s3-elb-log-bucket
ELB_LOGS_DOWNLOAD_ELB=ec2-elb-name
ELB_LOGS_REGION=us-west-1

elb-logs's People

Contributors

jnorwood-rmn avatar

Stargazers

Brian Kennedy avatar Juan Alvarez avatar Raúl Cuza avatar Kyle Smith avatar Thomas Lovett avatar Ricardo Bartolomé avatar Kostas Demiris avatar Michael Hood avatar Giancarlo Rubio avatar

Watchers

Kyle Smith avatar James Cloos avatar Jonathan Stewmon avatar

Forkers

rexgibson sergeyradov jparten keshabb jnorwood-rmn rcuza rajiteh

elb-logs's Issues

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.