rpert/log_analysis
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial cross-server log inventory + anomaly scan

Browse Source 
- 10 hosts (mo1, ams, ams2, ro1, ca1, ca2, ca3, fr1, sony, termux)
- discover-logs.sh: portable inventory (Linux/FreeBSD/Termux)
- scan-anomalies.sh: ERROR/WARN/CRITICAL counts + journalctl + kubectl
- run-all.sh: parallel SSH fan-out
- build-summary.py: aggregates into reports/SUMMARY.md
- 5 HIGH-severity findings identified on ro1 (apache scanner traffic, mount_monitor warnings)
This commit is contained in:
rpert
2026-04-10 21:49:17 +00:00
parent cabf4c587f
commit e96a8b03fc
26 changed files with 1636 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

106
logs/inventory/fr1.csv Normal file
View File

@@ -0,0 +1,106 @@
"/var/log/alternatives.log",444,"2026-04-09 13:58:06","alternatives.log"
"/var/log/alternatives.log.1",12764,"2026-03-29 09:14:11","alternatives.log.1"
"/var/log/apport.log",0,"2026-02-04 00:00:06","apport.log"
"/var/log/apt/eipp.log.xz",43500,"2026-04-09 21:23:59","apt"
"/var/log/apt/history.log",5998,"2026-04-09 21:41:55","apt"
"/var/log/apt/history.log.1.gz",2817,"2026-03-31 06:57:53","apt"
"/var/log/apt/term.log",30609,"2026-04-09 21:41:55","apt"
"/var/log/apt/term.log.1.gz",7201,"2026-03-31 06:57:53","apt"
"/var/log/auth.log",1975430,"2026-04-10 21:46:09","auth.log"
"/var/log/auth.log.1",3123876,"2026-04-05 00:00:01","auth.log.1"
"/var/log/auth.log.2.gz",331548,"2026-03-28 23:59:49","auth.log.2.gz"
"/var/log/auth.log.3.gz",395408,"2026-03-22 00:00:02","auth.log.3.gz"
"/var/log/bootstrap.log",1,"2020-08-01 05:42:09","bootstrap.log"
"/var/log/borg/backup-20260223.log",23653,"2026-02-23 03:19:55","borg"
"/var/log/borg/backup-20260224.log",3611,"2026-02-24 03:19:25","borg"
"/var/log/borg/backup-20260225.log",5328,"2026-02-25 03:21:37","borg"
"/var/log/borg/backup-20260226.log",4947,"2026-02-26 03:06:52","borg"
"/var/log/borg/backup-20260227.log",7327,"2026-02-27 03:29:47","borg"
"/var/log/borg/backup-20260228.log",4404,"2026-02-28 03:29:47","borg"
"/var/log/borg/backup-20260301.log",4574,"2026-03-01 03:15:46","borg"
"/var/log/borg/backup-20260302.log",7074,"2026-03-02 03:02:08","borg"
"/var/log/borg/backup-20260303.log",4744,"2026-03-03 03:03:52","borg"
"/var/log/borg/backup-20260304.log",4953,"2026-03-04 03:42:21","borg"
"/var/log/borg/backup-20260305.log",6534,"2026-03-05 03:22:34","borg"
"/var/log/borg/backup-20260306.log",6792,"2026-03-06 03:23:15","borg"
"/var/log/borg/backup-20260307.log",4602,"2026-03-07 03:13:48","borg"
"/var/log/borg/backup-20260308.log",3890,"2026-03-08 03:02:24","borg"
"/var/log/borg/backup-20260309.log",3968,"2026-03-09 03:19:55","borg"
"/var/log/borg/backup-20260310.log",3044,"2026-03-10 03:15:29","borg"
"/var/log/borg/backup-20260311.log",4528,"2026-03-11 03:16:46","borg"
"/var/log/borg/backup-20260312.log",4246,"2026-03-12 03:24:15","borg"
"/var/log/borg/backup-20260313.log",4246,"2026-03-13 03:23:31","borg"
"/var/log/borg/backup-20260314.log",4105,"2026-03-14 03:31:23","borg"
"/var/log/borg/backup-20260315.log",4386,"2026-03-15 03:11:51","borg"
"/var/log/borg/backup-20260316.log",181139,"2026-03-16 13:50:37","borg"
"/var/log/borg/backup-20260317.log",4396,"2026-03-17 03:07:52","borg"
"/var/log/borg/backup-20260318.log",380400,"2026-03-18 03:25:20","borg"
"/var/log/borg/backup-20260319.log",813842,"2026-03-19 03:16:43","borg"
"/var/log/borg/backup-20260320.log",6116,"2026-03-20 03:07:58","borg"
"/var/log/borg/backup-20260321.log",896813,"2026-03-21 03:26:37","borg"
"/var/log/borg/backup-20260322.log",117634,"2026-03-22 03:28:25","borg"
"/var/log/borg/backup-20260323.log",6285,"2026-03-23 03:05:08","borg"
"/var/log/borg/backup-20260324.log",82306,"2026-03-24 03:21:37","borg"
"/var/log/borg/backup-20260325.log",134429,"2026-03-25 03:31:25","borg"
"/var/log/borg/backup-20260326.log",6477,"2026-03-26 03:11:22","borg"
"/var/log/borg/backup-20260327.log",5384,"2026-03-27 03:42:48","borg"
"/var/log/borg/backup-20260328.log",475,"2026-03-28 03:08:01","borg"
"/var/log/borg-backup.log",2445959,"2026-03-23 03:30:25","borg-backup.log"
"/var/log/dist-upgrade/20251231-1927/main.log",894,"2025-12-31 19:27:27","dist-upgrade"
"/var/log/dist-upgrade/apt.log",63330,"2025-12-31 19:33:44","dist-upgrade"
"/var/log/dist-upgrade/apt-term.log",244692,"2025-12-31 19:34:05","dist-upgrade"
"/var/log/dist-upgrade/eipp.log.xz",26500,"2025-12-31 19:33:52","dist-upgrade"
"/var/log/dist-upgrade/history.log",77010,"2025-12-31 19:34:05","dist-upgrade"
"/var/log/dist-upgrade/main.log",42845,"2025-12-31 19:34:08","dist-upgrade"
"/var/log/dist-upgrade/xorg_fixup.log",78,"2025-12-31 19:34:08","dist-upgrade"
"/var/log/dmesg",46202,"2026-04-02 21:55:43","dmesg"
"/var/log/dmesg.0",44606,"2026-03-30 13:23:27","dmesg.0"
"/var/log/dmesg.1.gz",13808,"2026-03-17 15:35:26","dmesg.1.gz"
"/var/log/dmesg.2.gz",14230,"2026-02-24 08:57:49","dmesg.2.gz"
"/var/log/dmesg.3.gz",14323,"2026-02-10 22:01:38","dmesg.3.gz"
"/var/log/docker-upgrades/upgrade-2026-02-22_0428.log",28151,"2026-02-22 04:29:20","docker-upgrades"
"/var/log/docker-upgrades/upgrade-2026-03-01_0421.log",34035,"2026-03-01 04:22:20","docker-upgrades"
"/var/log/docker-upgrades/upgrade-2026-03-08_0417.log",6737,"2026-03-08 04:18:00","docker-upgrades"
"/var/log/docker-upgrades/upgrade-2026-03-15_0414.log",14263,"2026-03-15 04:14:56","docker-upgrades"
"/var/log/dpkg.log",45855,"2026-04-09 21:41:55","dpkg.log"
"/var/log/dpkg.log.1",122623,"2026-03-31 06:57:53","dpkg.log.1"
"/var/log/fail2ban.log",313271,"2026-04-10 21:39:26","fail2ban.log"
"/var/log/fail2ban.log.1",201136,"2026-04-04 23:54:00","fail2ban.log.1"
"/var/log/fail2ban.log.2.gz",54841,"2026-03-28 23:55:54","fail2ban.log.2.gz"
"/var/log/fail2ban.log.3.gz",87608,"2026-03-21 23:57:37","fail2ban.log.3.gz"
"/var/log/fontconfig.log",3080,"2026-02-26 22:17:31","fontconfig.log"
"/var/log/kern.log",6331059,"2026-04-10 21:46:25","kern.log"
"/var/log/kern.log.1",7672138,"2026-04-05 00:00:01","kern.log.1"
"/var/log/kern.log.2.gz",875287,"2026-03-28 23:59:45","kern.log.2.gz"
"/var/log/kern.log.3.gz",905871,"2026-03-22 00:00:01","kern.log.3.gz"
"/var/log/landscape/sysinfo.log",0,"2020-08-01 05:13:07","landscape"
"/var/log/mail.log",1330690,"2026-04-10 21:45:58","mail.log"
"/var/log/mail.log.1",2344562,"2026-04-04 23:52:06","mail.log.1"
"/var/log/mail.log.2.gz",168986,"2026-03-28 23:57:21","mail.log.2.gz"
"/var/log/mail.log.3.gz",557593,"2026-03-21 23:59:43","mail.log.3.gz"
"/var/log/nginx/access.log",120243,"2026-04-10 21:42:54","nginx"
"/var/log/nginx/access.log.1",150946,"2026-04-09 23:55:29","nginx"
"/var/log/nginx/access.log.2.gz",21286,"2026-04-08 23:54:14","nginx"
"/var/log/nginx/access.log.3.gz",42787,"2026-04-07 23:59:56","nginx"
"/var/log/nginx/access.log.4.gz",10982,"2026-04-07 00:00:01","nginx"
"/var/log/nginx/error.log",3822,"2026-04-10 19:27:59","nginx"
"/var/log/nginx/error.log.1",18722,"2026-04-09 23:55:29","nginx"
"/var/log/nginx/error.log.2.gz",3161,"2026-04-08 20:37:10","nginx"
"/var/log/nginx/error.log.3.gz",11513,"2026-04-07 23:59:36","nginx"
"/var/log/nginx/error.log.4.gz",888,"2026-04-06 23:58:49","nginx"
"/var/log/nginx/ttrss_access.log",0,"2026-03-15 00:00:04","nginx"
"/var/log/nginx/ttrss_error.log",0,"2026-03-13 00:00:02","nginx"
"/var/log/php8.1-fpm.log",0,"2026-01-04 00:00:02","php8.1-fpm.log"
"/var/log/php8.3-fpm.log",0,"2026-03-22 00:00:02","php8.3-fpm.log"
"/var/log/php8.3-fpm.log.1",152,"2026-03-16 14:38:51","php8.3-fpm.log.1"
"/var/log/postfix.log",5411070,"2026-02-02 23:37:02","postfix.log"
"/var/log/syslog",39541775,"2026-04-10 21:46:28","syslog"
"/var/log/syslog.2.gz",3947946,"2026-03-29 00:00:00","syslog.2.gz"
"/var/log/syslog.3.gz",3025463,"2026-03-22 00:00:02","syslog.3.gz"
"/var/log/ubuntu-advantage-apt-hook.log",0,"2025-12-31 19:24:17","ubuntu-advantage-apt-hook.log"
"/var/log/ubuntu-advantage.log",0,"2026-02-01 00:00:06","ubuntu-advantage.log"
"/var/log/ufw.log",6323723,"2026-04-10 21:46:25","ufw.log"
"/var/log/ufw.log.1",7563386,"2026-04-05 00:00:01","ufw.log.1"
"/var/log/ufw.log.2.gz",875043,"2026-03-28 23:59:45","ufw.log.2.gz"
"/var/log/ufw.log.3.gz",889229,"2026-03-22 00:00:01","ufw.log.3.gz"
"/var/log/voicemail-transcribe.log",1542001,"2026-04-10 21:45:53","voicemail-transcribe.log"
1 /var/log/alternatives.log 444 2026-04-09 13:58:06 alternatives.log
2 /var/log/alternatives.log.1 12764 2026-03-29 09:14:11 alternatives.log.1
3 /var/log/apport.log 0 2026-02-04 00:00:06 apport.log
4 /var/log/apt/eipp.log.xz 43500 2026-04-09 21:23:59 apt
5 /var/log/apt/history.log 5998 2026-04-09 21:41:55 apt
6 /var/log/apt/history.log.1.gz 2817 2026-03-31 06:57:53 apt
7 /var/log/apt/term.log 30609 2026-04-09 21:41:55 apt
8 /var/log/apt/term.log.1.gz 7201 2026-03-31 06:57:53 apt
9 /var/log/auth.log 1975430 2026-04-10 21:46:09 auth.log
10 /var/log/auth.log.1 3123876 2026-04-05 00:00:01 auth.log.1
11 /var/log/auth.log.2.gz 331548 2026-03-28 23:59:49 auth.log.2.gz
12 /var/log/auth.log.3.gz 395408 2026-03-22 00:00:02 auth.log.3.gz
13 /var/log/bootstrap.log 1 2020-08-01 05:42:09 bootstrap.log
14 /var/log/borg/backup-20260223.log 23653 2026-02-23 03:19:55 borg
15 /var/log/borg/backup-20260224.log 3611 2026-02-24 03:19:25 borg
16 /var/log/borg/backup-20260225.log 5328 2026-02-25 03:21:37 borg
17 /var/log/borg/backup-20260226.log 4947 2026-02-26 03:06:52 borg
18 /var/log/borg/backup-20260227.log 7327 2026-02-27 03:29:47 borg
19 /var/log/borg/backup-20260228.log 4404 2026-02-28 03:29:47 borg
20 /var/log/borg/backup-20260301.log 4574 2026-03-01 03:15:46 borg
21 /var/log/borg/backup-20260302.log 7074 2026-03-02 03:02:08 borg
22 /var/log/borg/backup-20260303.log 4744 2026-03-03 03:03:52 borg
23 /var/log/borg/backup-20260304.log 4953 2026-03-04 03:42:21 borg
24 /var/log/borg/backup-20260305.log 6534 2026-03-05 03:22:34 borg
25 /var/log/borg/backup-20260306.log 6792 2026-03-06 03:23:15 borg
26 /var/log/borg/backup-20260307.log 4602 2026-03-07 03:13:48 borg
27 /var/log/borg/backup-20260308.log 3890 2026-03-08 03:02:24 borg
28 /var/log/borg/backup-20260309.log 3968 2026-03-09 03:19:55 borg
29 /var/log/borg/backup-20260310.log 3044 2026-03-10 03:15:29 borg
30 /var/log/borg/backup-20260311.log 4528 2026-03-11 03:16:46 borg
31 /var/log/borg/backup-20260312.log 4246 2026-03-12 03:24:15 borg
32 /var/log/borg/backup-20260313.log 4246 2026-03-13 03:23:31 borg
33 /var/log/borg/backup-20260314.log 4105 2026-03-14 03:31:23 borg
34 /var/log/borg/backup-20260315.log 4386 2026-03-15 03:11:51 borg
35 /var/log/borg/backup-20260316.log 181139 2026-03-16 13:50:37 borg
36 /var/log/borg/backup-20260317.log 4396 2026-03-17 03:07:52 borg
37 /var/log/borg/backup-20260318.log 380400 2026-03-18 03:25:20 borg
38 /var/log/borg/backup-20260319.log 813842 2026-03-19 03:16:43 borg
39 /var/log/borg/backup-20260320.log 6116 2026-03-20 03:07:58 borg
40 /var/log/borg/backup-20260321.log 896813 2026-03-21 03:26:37 borg
41 /var/log/borg/backup-20260322.log 117634 2026-03-22 03:28:25 borg
42 /var/log/borg/backup-20260323.log 6285 2026-03-23 03:05:08 borg
43 /var/log/borg/backup-20260324.log 82306 2026-03-24 03:21:37 borg
44 /var/log/borg/backup-20260325.log 134429 2026-03-25 03:31:25 borg
45 /var/log/borg/backup-20260326.log 6477 2026-03-26 03:11:22 borg
46 /var/log/borg/backup-20260327.log 5384 2026-03-27 03:42:48 borg
47 /var/log/borg/backup-20260328.log 475 2026-03-28 03:08:01 borg
48 /var/log/borg-backup.log 2445959 2026-03-23 03:30:25 borg-backup.log
49 /var/log/dist-upgrade/20251231-1927/main.log 894 2025-12-31 19:27:27 dist-upgrade
50 /var/log/dist-upgrade/apt.log 63330 2025-12-31 19:33:44 dist-upgrade
51 /var/log/dist-upgrade/apt-term.log 244692 2025-12-31 19:34:05 dist-upgrade
52 /var/log/dist-upgrade/eipp.log.xz 26500 2025-12-31 19:33:52 dist-upgrade
53 /var/log/dist-upgrade/history.log 77010 2025-12-31 19:34:05 dist-upgrade
54 /var/log/dist-upgrade/main.log 42845 2025-12-31 19:34:08 dist-upgrade
55 /var/log/dist-upgrade/xorg_fixup.log 78 2025-12-31 19:34:08 dist-upgrade
56 /var/log/dmesg 46202 2026-04-02 21:55:43 dmesg
57 /var/log/dmesg.0 44606 2026-03-30 13:23:27 dmesg.0
58 /var/log/dmesg.1.gz 13808 2026-03-17 15:35:26 dmesg.1.gz
59 /var/log/dmesg.2.gz 14230 2026-02-24 08:57:49 dmesg.2.gz
60 /var/log/dmesg.3.gz 14323 2026-02-10 22:01:38 dmesg.3.gz
61 /var/log/docker-upgrades/upgrade-2026-02-22_0428.log 28151 2026-02-22 04:29:20 docker-upgrades
62 /var/log/docker-upgrades/upgrade-2026-03-01_0421.log 34035 2026-03-01 04:22:20 docker-upgrades
63 /var/log/docker-upgrades/upgrade-2026-03-08_0417.log 6737 2026-03-08 04:18:00 docker-upgrades
64 /var/log/docker-upgrades/upgrade-2026-03-15_0414.log 14263 2026-03-15 04:14:56 docker-upgrades
65 /var/log/dpkg.log 45855 2026-04-09 21:41:55 dpkg.log
66 /var/log/dpkg.log.1 122623 2026-03-31 06:57:53 dpkg.log.1
67 /var/log/fail2ban.log 313271 2026-04-10 21:39:26 fail2ban.log
68 /var/log/fail2ban.log.1 201136 2026-04-04 23:54:00 fail2ban.log.1
69 /var/log/fail2ban.log.2.gz 54841 2026-03-28 23:55:54 fail2ban.log.2.gz
70 /var/log/fail2ban.log.3.gz 87608 2026-03-21 23:57:37 fail2ban.log.3.gz
71 /var/log/fontconfig.log 3080 2026-02-26 22:17:31 fontconfig.log
72 /var/log/kern.log 6331059 2026-04-10 21:46:25 kern.log
73 /var/log/kern.log.1 7672138 2026-04-05 00:00:01 kern.log.1
74 /var/log/kern.log.2.gz 875287 2026-03-28 23:59:45 kern.log.2.gz
75 /var/log/kern.log.3.gz 905871 2026-03-22 00:00:01 kern.log.3.gz
76 /var/log/landscape/sysinfo.log 0 2020-08-01 05:13:07 landscape
77 /var/log/mail.log 1330690 2026-04-10 21:45:58 mail.log
78 /var/log/mail.log.1 2344562 2026-04-04 23:52:06 mail.log.1
79 /var/log/mail.log.2.gz 168986 2026-03-28 23:57:21 mail.log.2.gz
80 /var/log/mail.log.3.gz 557593 2026-03-21 23:59:43 mail.log.3.gz
81 /var/log/nginx/access.log 120243 2026-04-10 21:42:54 nginx
82 /var/log/nginx/access.log.1 150946 2026-04-09 23:55:29 nginx
83 /var/log/nginx/access.log.2.gz 21286 2026-04-08 23:54:14 nginx
84 /var/log/nginx/access.log.3.gz 42787 2026-04-07 23:59:56 nginx
85 /var/log/nginx/access.log.4.gz 10982 2026-04-07 00:00:01 nginx
86 /var/log/nginx/error.log 3822 2026-04-10 19:27:59 nginx
87 /var/log/nginx/error.log.1 18722 2026-04-09 23:55:29 nginx
88 /var/log/nginx/error.log.2.gz 3161 2026-04-08 20:37:10 nginx
89 /var/log/nginx/error.log.3.gz 11513 2026-04-07 23:59:36 nginx
90 /var/log/nginx/error.log.4.gz 888 2026-04-06 23:58:49 nginx
91 /var/log/nginx/ttrss_access.log 0 2026-03-15 00:00:04 nginx
92 /var/log/nginx/ttrss_error.log 0 2026-03-13 00:00:02 nginx
93 /var/log/php8.1-fpm.log 0 2026-01-04 00:00:02 php8.1-fpm.log
94 /var/log/php8.3-fpm.log 0 2026-03-22 00:00:02 php8.3-fpm.log
95 /var/log/php8.3-fpm.log.1 152 2026-03-16 14:38:51 php8.3-fpm.log.1
96 /var/log/postfix.log 5411070 2026-02-02 23:37:02 postfix.log
97 /var/log/syslog 39541775 2026-04-10 21:46:28 syslog
98 /var/log/syslog.2.gz 3947946 2026-03-29 00:00:00 syslog.2.gz
99 /var/log/syslog.3.gz 3025463 2026-03-22 00:00:02 syslog.3.gz
100 /var/log/ubuntu-advantage-apt-hook.log 0 2025-12-31 19:24:17 ubuntu-advantage-apt-hook.log
101 /var/log/ubuntu-advantage.log 0 2026-02-01 00:00:06 ubuntu-advantage.log
102 /var/log/ufw.log 6323723 2026-04-10 21:46:25 ufw.log
103 /var/log/ufw.log.1 7563386 2026-04-05 00:00:01 ufw.log.1
104 /var/log/ufw.log.2.gz 875043 2026-03-28 23:59:45 ufw.log.2.gz
105 /var/log/ufw.log.3.gz 889229 2026-03-22 00:00:01 ufw.log.3.gz
106 /var/log/voicemail-transcribe.log 1542001 2026-04-10 21:45:53 voicemail-transcribe.log