Initial cross-server log inventory + anomaly scan

- 10 hosts (mo1, ams, ams2, ro1, ca1, ca2, ca3, fr1, sony, termux)
- discover-logs.sh: portable inventory (Linux/FreeBSD/Termux)
- scan-anomalies.sh: ERROR/WARN/CRITICAL counts + journalctl + kubectl
- run-all.sh: parallel SSH fan-out
- build-summary.py: aggregates into reports/SUMMARY.md
- 5 HIGH-severity findings identified on ro1 (apache scanner traffic, mount_monitor warnings)
2026-04-10 21:49:17 +00:00
parent cabf4c587f
commit e96a8b03fc
26 changed files with 1636 additions and 1 deletions

50
logs/inventory/mo1.csv Normal file

@@ -0,0 +1,50 @@
"/var/log/alternatives.log",444,"2026-04-09 13:58:39","alternatives.log"
"/var/log/alternatives.log.1",2106,"2026-03-28 10:28:14","alternatives.log.1"
"/var/log/alternatives.log.2.gz",2179,"2026-02-25 06:52:45","alternatives.log.2.gz"
"/var/log/apt/eipp.log.xz",30208,"2026-04-10 06:54:08","apt"
"/var/log/apt/history.log",2132,"2026-04-10 06:54:10","apt"
"/var/log/apt/history.log.1.gz",3926,"2026-03-31 07:51:09","apt"
"/var/log/apt/history.log.2.gz",9591,"2026-02-27 03:21:53","apt"
"/var/log/apt/term.log",11206,"2026-04-10 06:54:10","apt"
"/var/log/apt/term.log.1.gz",10759,"2026-03-31 07:51:09","apt"
"/var/log/apt/term.log.2.gz",31943,"2026-02-27 03:21:53","apt"
"/var/log/auth.log",2328595,"2026-04-10 21:45:05","auth.log"
"/var/log/auth.log.1",4497091,"2026-04-05 00:00:03","auth.log.1"
"/var/log/auth.log.2.gz",612106,"2026-03-29 00:00:02","auth.log.2.gz"
"/var/log/auth.log.3.gz",927025,"2026-03-22 00:00:01","auth.log.3.gz"
"/var/log/auth.log.4.gz",1074181,"2026-03-15 00:00:10","auth.log.4.gz"
"/var/log/cloud-init-output.log",7155,"2026-02-23 20:09:45","cloud-init-output.log"
"/var/log/cloud-init.log",161364,"2026-02-23 20:09:45","cloud-init.log"
"/var/log/cron.log",230482,"2026-04-10 21:45:01","cron.log"
"/var/log/cron.log.1",262751,"2026-04-05 00:00:02","cron.log.1"
"/var/log/cron.log.2.gz",32027,"2026-03-29 00:00:01","cron.log.2.gz"
"/var/log/cron.log.3.gz",27210,"2026-03-22 00:00:01","cron.log.3.gz"
"/var/log/cron.log.4.gz",2814,"2026-03-14 23:17:01","cron.log.4.gz"
"/var/log/daemon.log",350423,"2026-02-23 19:52:47","daemon.log"
"/var/log/daemon.log.1",302076,"2026-02-22 00:00:12","daemon.log.1"
"/var/log/dpkg.log",14705,"2026-04-10 06:54:10","dpkg.log"
"/var/log/dpkg.log.1",148161,"2026-03-31 07:51:09","dpkg.log.1"
"/var/log/dpkg.log.2.gz",40791,"2026-02-27 03:21:53","dpkg.log.2.gz"
"/var/log/fail2ban.log",227779,"2026-04-10 21:33:00","fail2ban.log"
"/var/log/fail2ban.log.1",273331,"2026-04-04 23:58:53","fail2ban.log.1"
"/var/log/fail2ban.log.2.gz",70980,"2026-03-28 23:55:57","fail2ban.log.2.gz"
"/var/log/fail2ban.log.3.gz",47472,"2026-03-21 23:59:19","fail2ban.log.3.gz"
"/var/log/fontconfig.log",1901,"2026-04-08 19:09:34","fontconfig.log"
"/var/log/git-bundle-backup.log",10056,"2026-04-10 03:00:24","git-bundle-backup.log"
"/var/log/gitea-borg-backup.log",6500,"2026-04-10 20:00:01","gitea-borg-backup.log"
"/var/log/kern.log",41872,"2026-04-09 20:32:40","kern.log"
"/var/log/kern.log.1",531229,"2026-04-02 22:01:09","kern.log.1"
"/var/log/kern.log.2.gz",29450,"2026-03-28 18:58:21","kern.log.2.gz"
"/var/log/kern.log.3.gz",367869,"2026-03-21 09:04:40","kern.log.3.gz"
"/var/log/kern.log.4.gz",8792,"2026-03-14 23:49:28","kern.log.4.gz"
"/var/log/messages",2277,"2026-02-23 19:52:39","messages"
"/var/log/rclone-media.log",18327234,"2026-04-10 21:45:33","rclone-media.log"
"/var/log/syslog",67501427,"2026-04-10 21:46:09","syslog"
"/var/log/syslog.2.gz",3058561,"2026-03-29 00:00:04","syslog.2.gz"
"/var/log/syslog.3.gz",7227084,"2026-03-22 00:00:04","syslog.3.gz"
"/var/log/syslog.4.gz",1477465,"2026-03-15 00:00:07","syslog.4.gz"
"/var/log/user.log",9179,"2026-04-10 11:40:23","user.log"
"/var/log/user.log.1",17065,"2026-04-04 15:50:54","user.log.1"
"/var/log/user.log.2.gz",1151,"2026-03-28 20:10:30","user.log.2.gz"
"/var/log/user.log.3.gz",668,"2026-03-21 01:31:32","user.log.3.gz"
"/var/log/user.log.4.gz",249,"2026-03-15 23:45:31","user.log.4.gz"
1 /var/log/alternatives.log 444 2026-04-09 13:58:39 alternatives.log
2 /var/log/alternatives.log.1 2106 2026-03-28 10:28:14 alternatives.log.1
3 /var/log/alternatives.log.2.gz 2179 2026-02-25 06:52:45 alternatives.log.2.gz
4 /var/log/apt/eipp.log.xz 30208 2026-04-10 06:54:08 apt
5 /var/log/apt/history.log 2132 2026-04-10 06:54:10 apt
6 /var/log/apt/history.log.1.gz 3926 2026-03-31 07:51:09 apt
7 /var/log/apt/history.log.2.gz 9591 2026-02-27 03:21:53 apt
8 /var/log/apt/term.log 11206 2026-04-10 06:54:10 apt
9 /var/log/apt/term.log.1.gz 10759 2026-03-31 07:51:09 apt
10 /var/log/apt/term.log.2.gz 31943 2026-02-27 03:21:53 apt
11 /var/log/auth.log 2328595 2026-04-10 21:45:05 auth.log
12 /var/log/auth.log.1 4497091 2026-04-05 00:00:03 auth.log.1
13 /var/log/auth.log.2.gz 612106 2026-03-29 00:00:02 auth.log.2.gz
14 /var/log/auth.log.3.gz 927025 2026-03-22 00:00:01 auth.log.3.gz
15 /var/log/auth.log.4.gz 1074181 2026-03-15 00:00:10 auth.log.4.gz
16 /var/log/cloud-init-output.log 7155 2026-02-23 20:09:45 cloud-init-output.log
17 /var/log/cloud-init.log 161364 2026-02-23 20:09:45 cloud-init.log
18 /var/log/cron.log 230482 2026-04-10 21:45:01 cron.log
19 /var/log/cron.log.1 262751 2026-04-05 00:00:02 cron.log.1
20 /var/log/cron.log.2.gz 32027 2026-03-29 00:00:01 cron.log.2.gz
21 /var/log/cron.log.3.gz 27210 2026-03-22 00:00:01 cron.log.3.gz
22 /var/log/cron.log.4.gz 2814 2026-03-14 23:17:01 cron.log.4.gz
23 /var/log/daemon.log 350423 2026-02-23 19:52:47 daemon.log
24 /var/log/daemon.log.1 302076 2026-02-22 00:00:12 daemon.log.1
25 /var/log/dpkg.log 14705 2026-04-10 06:54:10 dpkg.log
26 /var/log/dpkg.log.1 148161 2026-03-31 07:51:09 dpkg.log.1
27 /var/log/dpkg.log.2.gz 40791 2026-02-27 03:21:53 dpkg.log.2.gz
28 /var/log/fail2ban.log 227779 2026-04-10 21:33:00 fail2ban.log
29 /var/log/fail2ban.log.1 273331 2026-04-04 23:58:53 fail2ban.log.1
30 /var/log/fail2ban.log.2.gz 70980 2026-03-28 23:55:57 fail2ban.log.2.gz
31 /var/log/fail2ban.log.3.gz 47472 2026-03-21 23:59:19 fail2ban.log.3.gz
32 /var/log/fontconfig.log 1901 2026-04-08 19:09:34 fontconfig.log
33 /var/log/git-bundle-backup.log 10056 2026-04-10 03:00:24 git-bundle-backup.log
34 /var/log/gitea-borg-backup.log 6500 2026-04-10 20:00:01 gitea-borg-backup.log
35 /var/log/kern.log 41872 2026-04-09 20:32:40 kern.log
36 /var/log/kern.log.1 531229 2026-04-02 22:01:09 kern.log.1
37 /var/log/kern.log.2.gz 29450 2026-03-28 18:58:21 kern.log.2.gz
38 /var/log/kern.log.3.gz 367869 2026-03-21 09:04:40 kern.log.3.gz
39 /var/log/kern.log.4.gz 8792 2026-03-14 23:49:28 kern.log.4.gz
40 /var/log/messages 2277 2026-02-23 19:52:39 messages
41 /var/log/rclone-media.log 18327234 2026-04-10 21:45:33 rclone-media.log
42 /var/log/syslog 67501427 2026-04-10 21:46:09 syslog
43 /var/log/syslog.2.gz 3058561 2026-03-29 00:00:04 syslog.2.gz
44 /var/log/syslog.3.gz 7227084 2026-03-22 00:00:04 syslog.3.gz
45 /var/log/syslog.4.gz 1477465 2026-03-15 00:00:07 syslog.4.gz
46 /var/log/user.log 9179 2026-04-10 11:40:23 user.log
47 /var/log/user.log.1 17065 2026-04-04 15:50:54 user.log.1
48 /var/log/user.log.2.gz 1151 2026-03-28 20:10:30 user.log.2.gz
49 /var/log/user.log.3.gz 668 2026-03-21 01:31:32 user.log.3.gz
50 /var/log/user.log.4.gz 249 2026-03-15 23:45:31 user.log.4.gz