rpert e96a8b03fc Initial cross-server log inventory + anomaly scan
- 10 hosts (mo1, ams, ams2, ro1, ca1, ca2, ca3, fr1, sony, termux)
- discover-logs.sh: portable inventory (Linux/FreeBSD/Termux)
- scan-anomalies.sh: ERROR/WARN/CRITICAL counts + journalctl + kubectl
- run-all.sh: parallel SSH fan-out
- build-summary.py: aggregates into reports/SUMMARY.md
- 5 HIGH-severity findings identified on ro1 (apache scanner traffic, mount_monitor warnings)
2026-04-10 21:49:17 +00:00

log_analysis

Cross-server log inventory and anomaly scanning across the rpert infrastructure (10 hosts: mo1, ams, ams2, ro1, ca1, ca2, ca3, fr1, sony, termux).

Layout

log_analysis/
├── README.md
├── scripts/
│   ├── discover-logs.sh    # portable log inventory (Linux/FreeBSD/Termux)
│   ├── scan-anomalies.sh   # ERROR/WARN/CRITICAL counts + journalctl scan
│   └── run-all.sh          # fan out both scripts to every host via SSH
├── logs/
│   └── inventory/<host>.csv   # path,size_bytes,mtime,service
├── anomalies/
│   └── <host>.txt             # raw anomaly findings per host
└── reports/
    └── SUMMARY.md             # cross-host roll-up + recommendations

Hosts

Host     OS       SSH
mo1      Debian   local
ams      FreeBSD  ssh ams (sudo -n)
ams2     FreeBSD  ssh ams2 (sudo -n)
ro1      FreeBSD  ssh ro1 (sudo -n)
ca1      Ubuntu   ssh ca1
ca2      Debian   ssh ca2
ca3      Debian   ssh -p 15120 ca3
fr1      Ubuntu   ssh fr1
sony     Debian   ssh sony (laptop)
termux   Android  ssh -p 8022 termux

Usage

./scripts/run-all.sh        # discovery + anomaly scan, all hosts
git add -A && git commit -m "refresh $(date -I)" && git push

Reports land in reports/SUMMARY.md.

Notes

  • FreeBSD hosts are reached with sudo -n and ssh -o BatchMode=yes (per memory), so a sudo password or SSH prompt fails immediately instead of stalling the parallel run.
  • Discovery uses locate/plocate where available and falls back to scanning /var/log with du; find is avoided per project preference.
  • sony and termux may be offline; run-all.sh skips unreachable hosts.
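The ERROR/WARN/CRITICAL counting that scan-anomalies.sh performs, as an added example written for this page rather than the repository's own script: the severity thresholds, grep patterns and sample log lines are constructed, and only the journalctl branch depends on a systemd host.

```shell
#!/bin/sh
# Added example (not the repository's scan-anomalies.sh): a portable
# ERROR/WARN/CRITICAL counter with a severity rating, written in POSIX sh
# plus grep so the same file runs on Linux, FreeBSD and Termux.
# Thresholds are constructed for illustration, not taken from the project.
ERR_HIGH=50      # this many ERROR lines in one file rates it HIGH
WARN_MEDIUM=100  # this many WARN lines rates it MEDIUM

# count_levels FILE -> "FILE crit err warn". grep -w (whole-word match) is
# used instead of \b so BSD grep on FreeBSD behaves the same as GNU grep.
count_levels() {
    f=$1
    crit=$(grep -c -i -w -E 'crit|critical|fatal|emerg' "$f" 2>/dev/null || true)
    err=$(grep -c -i -w -E 'error|err' "$f" 2>/dev/null || true)
    warn=$(grep -c -i -w -E 'warn|warning' "$f" 2>/dev/null || true)
    printf '%s %s %s %s\n' "$f" "${crit:-0}" "${err:-0}" "${warn:-0}"
}
# rate CRIT ERR WARN -> HIGH | MEDIUM | LOW
rate() {
    if [ "$1" -gt 0 ] || [ "$2" -ge "$ERR_HIGH" ]; then echo HIGH
    elif [ "$2" -gt 0 ] || [ "$3" -ge "$WARN_MEDIUM" ]; then echo MEDIUM
    else echo LOW
    fi
}

# journal_errors: entries at priority err or worse since boot where journalctl
# exists (Debian/Ubuntu hosts); 0 on FreeBSD/Termux, which have no journal.
journal_errors() {
    if command -v journalctl >/dev/null 2>&1; then
        journalctl -q -b -p err --no-pager 2>/dev/null | wc -l | tr -d ' '
    else echo 0
    fi
}

# write_sample PATH: constructed log lines (TEST-NET addresses, invented
# messages) so the example runs without reading a real /var/log.
write_sample() {
    cat >"$1" <<'EOF'
Apr 10 21:40:01 ro1 httpd[812]: [error] [client 203.0.113.7] File does not exist: /usr/local/www/data/robots.txt
Apr 10 21:40:02 ro1 mount_monitor[455]: WARN: /mnt/backup not mounted, retrying
Apr 10 21:40:05 ro1 sshd[900]: Accepted publickey for rpert from 198.51.100.4 port 50022
Apr 10 21:40:09 ro1 httpd[812]: [error] [client 203.0.113.7] File does not exist: /usr/local/www/data/wp-login.php
Apr 10 21:40:12 ro1 mount_monitor[455]: CRITICAL: /mnt/backup still missing after 5 retries
EOF
}

SAMPLE=$(mktemp); write_sample "$SAMPLE"
set -- $(count_levels "$SAMPLE")      # -> crit=1 err=2 warn=1, rated HIGH
echo "$1 crit=$2 err=$3 warn=$4 $(rate "$2" "$3" "$4") journal=$(journal_errors)"
rm -f "$SAMPLE"
```

Pointing count_levels at each path from logs/inventory/<host>.csv gives the per-file counts that anomalies/<host>.txt collects; grep -c counts matching lines, so a line carrying both WARN and ERROR is counted once in each column.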