A professional Python log analysis tool with CLI and GUI interfaces. Supports multiple log formats, pattern detection, anomaly detection, and comprehensive reporting.
| Feature | Description |
|---|---|
| 📂 Multi-Format Support | Apache, Nginx, Syslog, JSON, and generic log formats |
| 🔍 Pattern Detection | Regex-based error and security threat detection |
| 📊 Statistical Analysis | Log level distribution, IP frequency, request analysis |
| 🚨 Anomaly Detection | Error spikes, IP flooding, unusual patterns |
| 📈 Time Series Analysis | Trend detection and time-based bucketing |
| 📋 Multiple Reports | HTML, JSON, CSV, and console output formats |
| 🖥️ CLI & GUI | Command-line and graphical interfaces |
| ⚡ Real-time Watching | Live log file monitoring (tail -f style) |
| 🔒 Security Analysis | SQL injection, XSS, path traversal detection |

```bash
# Clone the repository
git clone https://github.com/alikesk222/log-analyzer-bot.git
cd log-analyzer-bot
# No dependencies required! Uses only Python standard library.
# Optional: Install for enhanced features
pip install -r requirements.txt
```

```bash
# Analyze a log file
python main.py analyze access.log
# Quick statistics
python main.py stats /var/log/syslog
# Generate HTML report
python main.py analyze access.log -f html -o report
# Watch log file in real-time
python main.py watch /var/log/syslog
# Search for patterns
python main.py search access.log "error" -i
# Launch GUI
python main.py --gui
# or
python run_gui.py
```

```
python main.py analyze <files> [options]
Options:
  -p, --parser      Parser type: auto, apache, nginx, syslog, json, generic
  -f, --format      Output format: console, html, json, csv
  -o, --output      Output file path
  -n, --max-lines   Maximum lines to analyze
  --analyzers       Specific analyzers: pattern, statistics, anomaly, timeseries
```

Examples:

```bash
# Analyze multiple files
python main.py analyze access.log error.log
# Use specific parser
python main.py analyze server.log -p nginx
# Generate JSON report
python main.py analyze app.log -f json -o analysis.json
# Run only specific analyzers
python main.py analyze app.log --analyzers statistics anomaly
```

```
python main.py stats <file> [-n MAX_LINES]
```

Shows a quick overview including:
- Total entries, errors, warnings
- Log level distribution
- Time range and entry rate

```
python main.py watch <file> [options]
Options:
  -i, --interval    Check interval in seconds (default: 1.0)
  --filter-level    Minimum log level to show
```

```
python main.py search <file> <pattern> [options]
Options:
  -i, --ignore-case   Case-insensitive search
  -c, --count         Show only match count
```

Launch the graphical interface:

```bash
python main.py --gui
# or
python run_gui.py
```

Features:
- 📂 File browser for log selection
- 📊 Real-time analysis with progress indicator
- 📋 Tabbed interface for different views
- 📈 Visual statistics with progress bars
- 💾 Export reports in multiple formats

```
192.168.1.1 - user [06/Dec/2024:10:15:30 +0000] "GET /page HTTP/1.1" 200 1234 "-" "Mozilla/5.0"
2024/12/06 10:15:30 [error] 1234#0: *567 upstream timed out
Dec 6 10:15:30 hostname program[1234]: Log message here
{"timestamp": "2024-12-06T10:15:30Z", "level": "ERROR", "message": "Something failed"}
```

The analyzer detects various patterns:
| Category | Patterns |
|---|---|
| Connection Errors | connection refused, timeout, reset |
| Authentication | failed login, invalid password, access denied |
| Resource Issues | out of memory, disk full, too many files |
| Database | SQL errors, deadlock, connection issues |
| Security Threats | SQL injection, XSS, path traversal |
| Application | exceptions, stack traces, segfaults |
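
The security-threat row above, sketched as an added example that is not taken from log-analyzer-bot's code: request targets from combined-format access lines are percent-decoded (twice, so double-encoded input is also caught) and matched against regex signatures. The signature set, function names and sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

# Apache/Nginx combined format, matching the sample access-log line on this page.
COMBINED = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+')

# Illustrative signatures (assumed; not the project's rule set). Expect false positives.
SIGNATURES = {
    "sql_injection": re.compile(r"\bunion\b.+\bselect\b|\bor\b\s+\d+\s*=\s*\d+|'\s*--", re.I),
    "xss": re.compile(r"<\s*script\b|\bon(?:error|load)\s*=|javascript:", re.I),
    "path_traversal": re.compile(r"\.\.[/\\]"),
}

def decode_target(target, rounds=2):
    """Percent-decode up to `rounds` times so single- and double-encoded input is matched."""
    for _ in range(rounds):
        decoded = unquote_plus(target)
        if decoded == target:
            break
        target = decoded
    return target

def scan(lines):
    """Return (line_no, ip, category, status) for each request target matching a signature."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        m = COMBINED.match(line)
        if not m:              # lines in other formats are skipped here
            continue
        target = decode_target(m["target"])
        for category, sig in SIGNATURES.items():
            if sig.search(target):
                findings.append((line_no, m["ip"], category, int(m["status"])))
    return findings

# Constructed sample lines (documentation IP ranges), not taken from the project's samples/.
SAMPLE = [
    '192.0.2.10 - - [06/Dec/2024:10:15:30 +0000] "GET /index.html HTTP/1.1" 200 1234 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [06/Dec/2024:10:15:31 +0000] "GET /item?id=1%27%20OR%201%3D1-- HTTP/1.1" 500 312 "-" "curl/8.0"',
    '198.51.100.7 - - [06/Dec/2024:10:15:32 +0000] "GET /search?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 845 "-" "curl/8.0"',
    '203.0.113.5 - - [06/Dec/2024:10:15:33 +0000] "GET /static/%252e%252e%252f%252e%252e%252fetc/passwd HTTP/1.1" 404 0 "-" "-"',
    '192.0.2.10 - - [06/Dec/2024:10:15:34 +0000] "GET /docs/select-options.html HTTP/1.1" 200 990 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE):
        print(finding)
```

The status code is kept in each finding because a 500 on a flagged request deserves a closer look than a 404; the last sample line shows that a bare keyword such as `select` in a path does not trigger the SQL signature.
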
Automatically detects:
- 📈 Error Spikes - Sudden increases in error rates
- 🌊 IP Flooding - Unusual request volumes from single IPs
- ⚠️ High Error Rates - Excessive 4xx/5xx HTTP status codes
- 🔒 Security Threats - SQL injection attempts, XSS, brute force
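
One way error-spike and IP-flooding detection can work, as an added example that is not the project's own code. It reads `anomaly_threshold` (2.0) from `DEFAULT_CONFIG` as a z-score cut-off and uses `time_bucket_minutes` (5) for bucketing; that reading, the function names and the constructed traffic are assumptions.

```python
from collections import Counter
from datetime import datetime, timedelta
from statistics import mean, pstdev

THRESHOLD = 2.0      # 'anomaly_threshold' in DEFAULT_CONFIG; z-score reading is an assumption
BUCKET_MINUTES = 5   # 'time_bucket_minutes' in DEFAULT_CONFIG

def outliers(counts, threshold=THRESHOLD):
    """Return {key: z-score} for counts more than `threshold` std devs above the mean."""
    values = list(counts.values())
    sigma = pstdev(values) if len(values) > 1 else 0
    if sigma == 0:                      # empty, single or flat series: nothing stands out
        return {}
    mu = mean(values)
    # Samuelson's inequality caps z at sqrt(n - 1): with 5 or fewer keys nothing can exceed 2.0.
    return {k: round((v - mu) / sigma, 2) for k, v in counts.items()
            if (v - mu) / sigma > threshold}

def bucket_start(ts, minutes=BUCKET_MINUTES):
    return ts.replace(minute=ts.minute - ts.minute % minutes, second=0, microsecond=0)

def error_spikes(entries):
    """entries: list of (datetime, ip, status). Flags buckets with unusually many 5xx."""
    if not entries:
        return {}
    t = bucket_start(min(e[0] for e in entries))
    last = bucket_start(max(e[0] for e in entries))
    counts = {}
    while t <= last:                    # seed quiet buckets with 0 so they shape the baseline
        counts[t] = 0
        t += timedelta(minutes=BUCKET_MINUTES)
    for ts, _ip, status in entries:
        if status >= 500:
            counts[bucket_start(ts)] += 1
    return outliers(counts)

def ip_flooding(entries):               # client IPs whose request count stands out
    return outliers(Counter(ip for _ts, ip, _status in entries))

def sample_entries():
    """Constructed traffic: 10 steady clients, one 503 burst at 10:35, one noisy client."""
    base = datetime(2024, 12, 6, 10, 0, 0)
    rows = [(base + timedelta(minutes=m), f"192.0.2.{i}", 500 if (i == 1 and m % 5 == 0) else 200)
            for m in range(60) for i in range(1, 11)]
    rows += [(base + timedelta(minutes=35, seconds=s), "192.0.2.1", 503) for s in range(1, 20)]
    rows += [(base + timedelta(minutes=20, seconds=s % 60), "198.51.100.50", 200) for s in range(300)]
    return rows

if __name__ == "__main__":
    print(error_spikes(sample_entries()), ip_flooding(sample_entries()))
```

A mean-and-deviation threshold needs enough buckets to form a baseline: the same 503 burst inside a 20-minute window (four buckets) scores below 2.0 and goes unreported.
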

```
log-analyzer-bot/
├── log_analyzer/
│   ├── __init__.py      # Package initialization
│   ├── parsers.py       # Log format parsers
│   ├── analyzers.py     # Analysis engines
│   ├── reporters.py     # Report generators
│   ├── cli.py           # Command-line interface
│   ├── gui.py           # Graphical interface
│   ├── config.py        # Configuration
│   └── utils.py         # Utility functions
├── samples/
│   ├── apache_access.log
│   ├── syslog.log
│   └── application.json
├── tests/
│   └── ...
├── main.py              # Main entry point
├── run_gui.py           # GUI launcher
├── requirements.txt
├── setup.py
├── LICENSE
└── README.md
```

Customize analysis in `log_analyzer/config.py`:

```python
DEFAULT_CONFIG = {
    'max_lines': 100000,
    'chunk_size': 10000,
    'anomaly_threshold': 2.0,
    'time_bucket_minutes': 5,
    'top_n_items': 10,
}
```

```bash
# Run tests
python -m pytest tests/ -v
# Test with sample logs
python main.py analyze samples/apache_access.log
python main.py analyze samples/application.json
python main.py analyze samples/syslog.log
```

```
==================================================
LOG ANALYSIS REPORT
==================================================
Generated: 2024-12-06 10:30:45
▶ Statistics
----------------------------------------
Total Entries: 25
Errors: 5
Warnings: 3
Time Range: 2024-12-06 10:15:30 - 2024-12-06 10:15:54
Rate: 62.5 entries/min
Log Level Distribution:
INFO    [████████████░░░░░░░░] 60.0% (15)
ERROR   [████░░░░░░░░░░░░░░░░] 20.0% (5)
WARNING [███░░░░░░░░░░░░░░░░░] 12.0% (3)
▶ Anomaly Detection
----------------------------------------
No anomalies detected ✓
```

Generates a beautiful dark-themed HTML report with:
- Statistics overview cards
- Interactive tables
- Visual progress bars
- Anomaly alerts
Contributions are welcome! Please:
- Fork the repository
- Create a feature branch (`git checkout -b feature/amazing-feature`)
- Commit changes (`git commit -m 'Add amazing feature'`)
- Push to branch (`git push origin feature/amazing-feature`)
- Open a Pull Request
This project is licensed under the MIT License - see the LICENSE file for details.
- Built with Python's powerful standard library
- Inspired by tools like GoAccess, Logwatch, and Splunk
- Dark theme UI inspired by modern dashboards
Made with ❤️ by Log Analyzer Team