Query Apache logfiles via SQL
asql is a simple console shell which allows you to run SQL queries against an Apache logfile, something that can be very useful - especially at getting information which is not easily available via static logfile analysers.
Download asql
The links below should allow you to download the code in your preferred form:
In terms of requirements you will need only the Perl modules for working with SQLite database, and the Term::Readline module. Upon a Debian system you may install both via:
apt-get install libdbd-sqlite3-perl libterm-readline-gnu-perl
Usage Overview
Once installed, either via the package or via the source download, please start the shell by typing "asql".
Once the shell starts you have several commands available to you, enter help for a complete list. The three most commonly used commands would be:
- load
This will load an Apache logfile into the temporary database which is created at startup. Single files, or globs are accepted so you may run something like this:
load /var/log/apache2/acces*
To save time parsing the input files more than once you may saving the resulting database with save and later restore it. - select
This allows you to run an actual query. - show
This shows the table structure the logfile was parsed into.
Sample session
The following sample session provides a demonstration of typical usage of the shell, it demonstrates the use of the alias command which may be used to create persistent aliases:
asql v0.6 - type 'help' for help.
asql> load /home/skx/hg/engaging/logs/access.log
Loading: /home/skx/hg/engaging/logs/access.log
sasql> select COUNT(id) FROM logs
46
asql> alias hits SELECT COUNT(id) FROM logs
ALIAS hits SELECT COUNT(id) FROM logs
asql> alias ips SELECT DISTINCT(source) FROM logs;
ALIAS ips SELECT DISTINCT(source) FROM logs;
asql> hits
46
asql> alias
ALIAS hits SELECT COUNT(id) FROM logs
ALIAS ips SELECT DISTINCT(source) FROM logs;
(User-input is in bold for emphasis)
More examples may be found in the included README.
|