Initial cross-server log inventory + anomaly scan

- 10 hosts (mo1, ams, ams2, ro1, ca1, ca2, ca3, fr1, sony, termux)
- discover-logs.sh: portable inventory (Linux/FreeBSD/Termux)
- scan-anomalies.sh: ERROR/WARN/CRITICAL counts + journalctl + kubectl
- run-all.sh: parallel SSH fan-out
- build-summary.py: aggregates into reports/SUMMARY.md
- 5 HIGH-severity findings identified on ro1 (apache scanner traffic, mount_monitor warnings)
2026-04-10 21:49:17 +00:00
parent cabf4c587f
commit e96a8b03fc
26 changed files with 1636 additions and 1 deletions

59
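--- a/logs/inventory/ro1.csv
+++ b/logs/inventory/ro1.csv
@@ -0,0 +1,59 @@
+"/var/log/auth.log",249618,"","auth.log"
+"/var/log/auth.log.0.bz2",74572,"","auth.log.0.bz2"
+"/var/log/auth.log.1.bz2",75580,"","auth.log.1.bz2"
+"/var/log/auth.log.2.bz2",72352,"","auth.log.2.bz2"
+"/var/log/auth.log.3.bz2",67674,"","auth.log.3.bz2"
+"/var/log/auth.log.4.bz2",65672,"","auth.log.4.bz2"
+"/var/log/auth.log.5.bz2",73896,"","auth.log.5.bz2"
+"/var/log/auth.log.6.bz2",79217,"","auth.log.6.bz2"
+"/var/log/borg-backup.log",13318316,"","borg-backup.log"
+"/var/log/certbot-renew.log",120570,"","certbot-renew.log"
+"/var/log/daemon.log",779089,"","daemon.log"
+"/var/log/daemon.log.0.bz2",31246,"","daemon.log.0.bz2"
+"/var/log/daemon.log.1.bz2",30848,"","daemon.log.1.bz2"
+"/var/log/daemon.log.2.bz2",31503,"","daemon.log.2.bz2"
+"/var/log/debug.log",89382,"","debug.log"
+"/var/log/devd.log",65,"","devd.log"
+"/var/log/dmesg.today",0,"","dmesg.today"
+"/var/log/dmesg.yesterday",251,"","dmesg.yesterday"
+"/var/log/flood.log",2660480,"","flood.log"
+"/var/log/freedns-access.log",1923352,"","freedns-access.log"
+"/var/log/freedns-error.log",34093,"","freedns-error.log"
+"/var/log/freedns-ssl-access.log",4410711,"","freedns-ssl-access.log"
+"/var/log/freedns-ssl-error.log",1343992,"","freedns-ssl-error.log"
+"/var/log/httpd-access.log",3382629,"","httpd-access.log"
+"/var/log/httpd-error.log",5787754,"","httpd-error.log"
+"/var/log/httpd-flood-access.log",1590,"","httpd-flood-access.log"
+"/var/log/httpd-flood-error.log",432900,"","httpd-flood-error.log"
+"/var/log/httpd-jellyfin-error.log",467100,"","httpd-jellyfin-error.log"
+"/var/log/httpd-nextcloud-access.log",932361,"","httpd-nextcloud-access.log"
+"/var/log/httpd-nextcloud-error.log",4823,"","httpd-nextcloud-error.log"
+"/var/log/httpd-radicale-access.log",544314,"","httpd-radicale-access.log"
+"/var/log/httpd-radicale-error.log",176540,"","httpd-radicale-error.log"
+"/var/log/httpd/i47i.tk-access.log",9705942,"","httpd"
+"/var/log/httpd/i47i.tk-error.log",400820,"","httpd"
+"/var/log/manual-upgrades/upgrade-2026-03-08_0400.log",5210,"","manual-upgrades"
+"/var/log/manual-upgrades/upgrade-2026-03-15_0400.log",4452,"","manual-upgrades"
+"/var/log/manual-upgrades/upgrade-2026-03-22_0400.log",3531,"","manual-upgrades"
+"/var/log/manual-upgrades/upgrade-2026-03-29_0400.log",2700,"","manual-upgrades"
+"/var/log/matomo-access.log",2246346,"","matomo-access.log"
+"/var/log/matomo-error.log",205073,"","matomo-error.log"
+"/var/log/messages",511888,"","messages"
+"/var/log/mount_monitor.log",526613,"","mount_monitor.log"
+"/var/log/mount_monitor.log.old",1048798,"","mount_monitor.log.old"
+"/var/log/nextcloud/nextcloud.log",31242,"","nextcloud"
+"/var/log/php-fpm.log",1536,"","php-fpm.log"
+"/var/log/ppp.log",65,"","ppp.log"
+"/var/log/radicale.log",0,"","radicale.log"
+"/var/log/rclone_1fichier.log",3527081,"","rclone_1fichier.log"
+"/var/log/redis/redis.log",6484550,"","redis"
+"/var/log/syncthing.log",12201,"","syncthing.log"
+"/var/log/utx.log",0,"","utx.log"
+"/var/log/utx.log.0",1850,"","utx.log.0"
+"/var/log/utx.log.1",32191,"","utx.log.1"
+"/var/log/utx.log.2",27162,"","utx.log.2"
+"/var/log/webmail-access.log",39659,"","webmail-access.log"
+"/var/log/webmail-error.log",0,"","webmail-error.log"
+"/var/log/webmail-ssl-access.log",24984682,"","webmail-ssl-access.log"
+"/var/log/webmail-ssl-error.log",28197,"","webmail-ssl-error.log"
+"/var/log/wg-restart.log",899,"","wg-restart.log"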
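Review bot: The third field is an empty string in all 59 rows. If that column is meant to carry a modification time, the inventory cannot show that a log such as `auth.log` has stopped being written or was truncated, and spotting that is a main reason to keep an inventory on a host with HIGH findings. `devd.log` and `utx.log` suggest ro1 is FreeBSD, so discover-logs.sh is presumably using a GNU-only format such as `stat -c %Y`; a fallback to `stat -f %m` when that fails would fill the column. The fourth field is also inconsistent: it is the basename for files directly under `/var/log` but the parent directory for nested ones, so both `i47i.tk` logs are labelled `httpd`. The file has no header row, and a first line such as `path,size_bytes,mtime,label` (names to be matched to what the script emits) would make it self-describing for build-summary.py and for readers. Since each per-host file lists the service footprint and a vhost name, confirm that read access to the repository is restricted to the people who administer these hosts.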