yaala is a very flexible analyser for all kinds of logfiles. It uses parsers to extract information from a logfile, an SQL-like query language to relate the information to each other and an output-module to format the information appropriately.
Yaala can process many of the logs created by a network daemon. Unfortunately I didn't get to write parsers for all formats yet. If you want a special logfile to be supported and can provide me with about 1000-5000 lines of logfiles, it's quite likely to happen. In the meantime the provided parsers show yaala's potential: from web- (CLI, Apache) and proxy-logs (Squid) to DNS- (Bind9) and MTA-logs (Postfix). For a full list of all parsers see the features page.
Since yaala is written in Perl it is supposed to run on any platform which is supported by Perl. I have heard that people have it running under MS Windows, so it really should run everywhere. It doesn't depend on any external libraries; however, for full functionality you might need to install Storable (part of the Perl distribution since version 5.8) and GD::Graph. But this really is optional.
Here are some key features of "Yaala":
· Output modules (more information at the samples page)
· Input modules:
  · Common Log Format
  · Combined Log Format (Apache)
  · WN-Server Detailed Log Format
  · Xferlog Format (wu-ftpd, proftpd, etc.)
  · Squid Access Log Format
  · Postfix entries in the maillog
  · Bind9 Query Log Format
· SQL-like query language to select the information you're interested in
· Highly configurable level of detail
· Portable (hopefully all systems Perl is running on)
· Script-friendly: All configuration options can be set via the command line
· Persistent data: you don't need to keep old logfiles, and processing of huge files is sped up
· Free (distributed under the terms of the GPL)
What's New in This Release:
· Two minor bugfixes have been applied.