{"id":12039,"date":"2019-03-21T04:10:37","date_gmt":"2019-03-21T04:10:37","guid":{"rendered":"http:\/\/www.appservgrid.com\/paw92\/?p=12039"},"modified":"2019-03-21T04:10:37","modified_gmt":"2019-03-21T04:10:37","slug":"petiti-an-open-source-log-analysis-tool-for-linux-sysadmins","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/03\/21\/petiti-an-open-source-log-analysis-tool-for-linux-sysadmins\/","title":{"rendered":"Petit \u2013 An Open Source Log Analysis Tool for Linux SysAdmins"},"content":{"rendered":"<p><strong>Petit<\/strong>\u00a0is a free and open source\u00a0<a href=\"https:\/\/www.tecmint.com\/best-linux-log-monitoring-and-management-tools\/\" target=\"_blank\" rel=\"noopener\">command line based log analysis tool<\/a>\u00a0for Unix-like as well as\u00a0<a href=\"https:\/\/www.tecmint.com\/install-cygwin-to-run-linux-commands-on-windows-system\/\" target=\"_blank\" rel=\"noopener\">Cygwin systems<\/a>, designed to rapidly analyze log files in enterprise environments.<\/p>\n<p>It is intended to follow the Unix philosophy of being small, fast, and easy to use, and can be used to inspect different log file formats, including syslog and Apache log files.<\/p>\n<h4>Petit Features<\/h4>\n<ul>\n<li>Supports log analysis.<\/li>\n<li>Auto-detects and supports various log file formats (e.g. 
Syslog, Apache Access, Apache Error, Snort Log, Linux Secure Log, and raw log files).<\/li>\n<li>Supports log hashing.<\/li>\n<li>Supports command line graphing.<\/li>\n<li>Supports word discovery and counting with common stop-words within log data.<\/li>\n<li>Supports log reduction for easy reading.<\/li>\n<li>Provides various default and specially made filters.<\/li>\n<li>Supports fingerprints, useful in identifying and excluding reboot signatures.<\/li>\n<li>Offers several output options for wide-screen terminals, character selection, and many more.<\/li>\n<\/ul>\n<p>In this tutorial, we will show you how to install and use the\u00a0<strong>Petit<\/strong>\u00a0log analysis tool in Linux to pull out useful information from system logs in various ways.<\/p>\n<h3>How to Install and Use Petit Log Analysis Tool in Linux<\/h3>\n<p><strong>Petit<\/strong>\u00a0can be installed from the default repositories of\u00a0<strong>Debian\/Ubuntu<\/strong>\u00a0and its derivatives, using the\u00a0<a href=\"https:\/\/www.tecmint.com\/apt-advanced-package-command-examples-in-ubuntu\/\" target=\"_blank\" rel=\"noopener\">apt package management tool<\/a>\u00a0as shown below.<\/p>\n<pre>$ sudo apt install petit<\/pre>\n<p>On\u00a0<strong>RHEL\/CentOS\/Fedora<\/strong>\u00a0systems, download and install the .rpm package like this.<\/p>\n<pre># wget http:\/\/crunchtools.com\/wp-content\/files\/petit\/petit-current.rpm\r\n# rpm -i petit-current.rpm\r\n<\/pre>\n<p>Once installed, it\u2019s time to see the Petit basic usage with examples.<\/p>\n<h4>Hashing a Log File<\/h4>\n<p>This is a straightforward petit function \u2013 it sums up the number of lines discovered in a log file. 
Its output comprises the number of similar lines found in the log and what each group broadly looked like, as shown below.<\/p>\n<pre># petit --hash \/var\/log\/yum.log\r\nOR\r\n# petit --hash --fingerprint \/var\/log\/messages\r\n<\/pre>\n<div class=\"code-label\">Petit \u2013 Monitor Yum Log History<\/div>\n<pre>2:\tMar 18 14:35:54 Installed: libiec61883-1.2.0-4.el6.x86_64\r\n2:\tMar 18 15:25:18 Installed: xorg-x11-drv-i740-1.3.4-11.el6.x86_64\r\n1:\tDec 16 12:36:23 Installed: 5:mutt-1.5.20-7.20091214hg736b6a.el6.x86_64\r\n1:\tDec 16 12:36:22 Installed: mailcap-2.1.31-2.el6.noarch\r\n1:\tDec 16 12:40:49 Installed: mailx-12.4-8.el6_6.x86_64\r\n1:\tDec 16 12:40:20 Installed: man-1.6f-32.el6.x86_64\r\n1:\tDec 16 12:43:33 Installed: sysstat-9.0.4-31.el6.x86_64\r\n1:\tDec 16 12:36:22 Installed: tokyocabinet-1.4.33-6.el6.x86_64\r\n1:\tDec 16 12:36:22 Installed: urlview-0.9-7.el6.x86_64\r\n1:\tDec 16 12:40:19 Installed: xz-4.999.9-0.5.beta.20091007git.el6.x86_64\r\n1:\tDec 16 12:40:19 Installed: xz-lzma-compat-4.999.9-0.5.beta.20091007git.el6.x86_64\r\n1:\tDec 16 12:43:31 Updated: 2:tar-1.23-15.el6_8.x86_64\r\n1:\tDec 16 12:43:31 Updated: procps-3.2.8-36.el6.x86_64\r\n1:\tFeb 18 12:40:27 Erased: mysql\r\n1:\tFeb 18 12:40:28 Erased: mysql-libs\r\n1:\tFeb 18 12:40:22 Installed: MariaDB-client-10.1.21-1.el6.x86_64\r\n1:\tFeb 18 12:40:12 Installed: MariaDB-common-10.1.21-1.el6.x86_64\r\n1:\tFeb 18 12:40:10 Installed: MariaDB-compat-10.1.21-1.el6.x86_64\r\n1:\tFeb 18 12:54:50 Installed: apr-1.3.9-5.el6_2.x86_64\r\n......\r\n<\/pre>\n<h4>Finding Number Of Lines Produced by a Daemon<\/h4>\n<p>Using the\u00a0<code>--daemon<\/code>\u00a0option helps to output a basic report of lines produced by a particular system daemon, as shown in the example below.<\/p>\n<pre># petit --hash --daemon \/var\/log\/syslog\r\n<\/pre>\n<div class=\"code-label\">Petit \u2013 Monitor SysLog 
Entries<\/div>\n<pre>847:\tvmunix:\r\n48:\tCRON[#]:\r\n30:\tdhclient[#]:\r\n26:\tnm-dispatcher:\r\n14:\trtkit-daemon[#]:\r\n6:\tsmartd[#]:\r\n5:\tntfs-#g[#]:\r\n4:\tudisksd[#]:\r\n3:\tmdm[#]:\r\n2:\tag[#]:\r\n2:\tsyslogd\r\n1:\tcinnamon-killer-daemon:\r\n1:\tcinnamon-session[#]:\r\n1:\tpulseaudio[#]:\r\n<\/pre>\n<h4>Finding Number Of Lines Produced by a Host<\/h4>\n<p>To find the number of lines generated by a particular host, use the\u00a0<code>--host<\/code>\u00a0flag as shown below. This can be useful when analyzing log files for more than one host.<\/p>\n<pre><strong># petit --host \/var\/log\/syslog<\/strong>\r\n\r\n999:\ttecmint\r\n<\/pre>\n<h4>Performing a Word Count in a Log File<\/h4>\n<p>This function is used to search and display qualitatively significant words in a log file.<\/p>\n<pre># petit --wordcount \/var\/log\/syslog\r\n<\/pre>\n<div class=\"code-label\">Petit \u2013 List Number of Word Count in Logs<\/div>\n<pre>845:\t[\r\n97:\t[mem\r\n75:\tACPI:\r\n64:\tpci\r\n62:\tdebian-sa#\r\n62:\tto\r\n51:\tUSB\r\n50:\tof\r\n49:\tdevice\r\n47:\t&amp;&amp;\r\n47:\t(root)\r\n47:\tCMD\r\n47:\tusb\r\n41:\tsystemd#\r\n36:\tACPI\r\n32:\t&gt;\r\n32:\tdriver\r\n32:\treserved\r\n31:\t(comm#\r\n31:\t-v\r\n<\/pre>\n<h4>Graphing a Log File<\/h4>\n<p>This works in a key\/value bar charting format, for side by side comparison of distributions as shown in the examples below.<\/p>\n<p>To graph the first 60 seconds in a syslog, use the\u00a0<code>--sgraph<\/code>\u00a0flag like this.<\/p>\n<pre># petit --sgraph \/var\/log\/syslog\r\n<\/pre>\n<div class=\"code-label\">Petit \u2013 Graph a Log File<\/div>\n<pre>#                                                           \r\n#                                                           \r\n#                                                           \r\n#                                                           \r\n#                                                           
\r\n############################################################\r\n59                            29                           58 \r\n\r\nStart Time:\t2017-06-08 09:45:59 \t\tMinimum Value: 0\r\nEnd Time:\t2017-06-08 09:46:58 \t\tMaximum Value: 1\r\nDuration:\t60 seconds \t\t\tScale: 0.166666666667\r\n<\/pre>\n<h4>Tracking Particular Words in a Log File<\/h4>\n<p>This example shows how to track and graph a specific word (e.g. \u201c<strong>error<\/strong>\u201d in the command below) in a log file.<\/p>\n<pre># cat \/var\/log\/messages | grep error | petit --mgraph\r\n<\/pre>\n<div class=\"code-label\">Petit \u2013 Track a Word in Logs<\/div>\n<pre>#                        #                          #       \r\n#                        #                          #       \r\n#                        #                          #       \r\n#                        #                          #       \r\n#                        #                          #       \r\n############################################################\r\n10                            40                           09 \r\n\r\nStart Time:\t2017-06-08 10:10:00 \t\tMinimum Value: 0\r\nEnd Time:\t2017-06-08 11:09:00 \t\tMaximum Value: 2\r\nDuration:\t60 minutes \t\t\tScale: 0.333333333333\r\n<\/pre>\n<p>Additionally, to show samples for each entry in a log file, use the\u00a0<strong>--allsample<\/strong>\u00a0option like this.<\/p>\n<pre># petit --hash --allsample \/var\/log\/syslog\r\n<\/pre>\n<p><strong>Important Petit Files<\/strong>:<\/p>\n<ul>\n<li><strong>\/var\/lib\/petit\/fingerprint_library<\/strong>\u00a0\u2013 used to construct custom fingerprint files.<\/li>\n<li><strong>\/var\/lib\/petit\/fingerprints<\/strong>\u00a0(aggregate fingerprint files) \u2013 used to filter out reboots and other events not considered vital by the system administrator.<\/li>\n<li>\/var\/lib\/petit\/filters\/<\/li>\n<\/ul>\n<p>For more information and usage options, read the\u00a0<strong>petit<\/strong>\u00a0man 
page like this.<\/p>\n<pre># man petit\r\nOR\r\n# petit -h\r\n<\/pre>\n<p>Petit Homepage:\u00a0<a href=\"http:\/\/crunchtools.com\/software\/petit\/\" target=\"_blank\" rel=\"nofollow noopener\">http:\/\/crunchtools.com\/software\/petit\/<\/a><\/p>\n<p>Also read through these useful guides concerning log monitoring and management in Linux:<\/p>\n<ol>\n<li><a href=\"https:\/\/www.tecmint.com\/best-linux-log-monitoring-and-management-tools\/\" target=\"_blank\" rel=\"noopener\">4 Good Open Source Log Monitoring and Management Tools for Linux<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/manage-linux-system-logs-using-rsyslogd-and-logrotate\/\" target=\"_blank\" rel=\"noopener\">How to Manage System Logs (Configure, Rotate and Import Into Database) in Linux<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/install-logrotate-to-manage-log-rotation-in-linux\/\" target=\"_blank\" rel=\"noopener\">How to Setup and Manage Log Rotation Using Logrotate in Linux<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/linux-server-log-monitoring-with-log-io\/\" target=\"_blank\" rel=\"noopener\">Monitor Server Logs in Real-Time with \u201cLog.io\u201d Tool on Linux<\/a><\/li>\n<\/ol>\n<p><a href=\"https:\/\/www.tecmint.com\/petiti-log-analysis-tool-for-linux-sysadmins\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Petit\u00a0is a free and open source\u00a0command line based log analysis tool\u00a0for Unix-like as well as\u00a0Cygwin systems, designed to rapidly analyze log files in enterprise environments. 
It is intended to follow the Unix philosophy of being small, fast, and easy to use, and can be used to inspect different log file formats, including syslog and Apache log &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/03\/21\/petiti-an-open-source-log-analysis-tool-for-linux-sysadmins\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Petit \u2013 An Open Source Log Analysis Tool for Linux SysAdmins&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-12039","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/12039","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=12039"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/12039\/revisions"}],"predecessor-version":[{"id":12040,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/12039\/revisions\/12040"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=12039"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=12039"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\
/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=12039"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}