logparse: add --tail mode

2025-03-25 12:11:51 +01:00 · 2025-03-25 12:11:51 +01:00 · 60c0ab155d
commit 60c0ab155d
parent 40dc4c2e3c
1 changed files with 83 additions and 54 deletions
--- a/45
+++ b/45
@ -3,7 +3,7 @@
 # shellcheck shell=bash

 # Caddy webserver JSON log parser
-# version 0.1.1
+# version 0.1.2
 #
 # This script reads a Caddy logfile in JSON format and
 # outputs it in Apache Common Log Format.
@ -43,6 +43,8 @@ declare -A selectors=(
 		elif $version == 771 then "TLS 1.2"
 		elif $version == 772 then "TLS 1.3"
 		else $version end'
+	# golang cipher suites are defined in
+	# https://github.com/golang/go/blob/master/src/crypto/tls/cipher_suites.go
 	[tls_cipher_suite]='.request.tls.cipher_suite as $cs |
 		  if $cs == 5 then "TLS_RSA_WITH_RC4_128_SHA"
 		elif $cs == 10 then "TLS_RSA_WITH_3DES_EDE_CBC_SHA"
@ -70,8 +72,7 @@ declare -A selectors=(
 		elif $cs == 4866 then "TLS_AES_256_GCM_SHA384"
 		elif $cs == 4867 then "TLS_CHACHA20_POLY1305_SHA256"
 		elif $cs == 22016 then "TLS_FALLBACK_SCSV"
-		 elif $cs == 52392 then "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305" 
-		 elif $cs == 52393 then "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305" else $cs end'
+		else $cs end'
 	[tls_proto]='.request.tls.proto'
 	[tls_server_name]='.request.tls.server_name'
 	[bytes_read]='.bytes_read'
@ -131,13 +132,15 @@ declare -A placeholders=(
 # Show command line syntax
 show_help() {
 	cat <<END
-Usage: $0 [-c | -C | -s "selectors"] [-F <config_file>] filename
+Usage: $0 [-c | -C | -s "selectors"] [-F <config_file>] [-t [NUM] [-f]] filename

 Options:
  -c, --common		 Apache Common Log Format (default)
  -C, --combined	 Apache Combined Log Format
  -s, --selector	 Use a space separated list of selectors
  -F, --config-file	 Use a configuration file
+  -t, --tail [NUM]	 Output the last NUM lines from log file (default: 15)
+  -f, --follow		 Continuously monitor log file for new entries
  -h, --help		 Show this help message and exit

 END
@ -185,11 +188,19 @@ log_format() {
 		fi
 	done

-	if [ $DEBUG -eq 1 ]; then
+	if [ "$tail_mode" -eq 1 ]; then
+		if [ "$DEBUG" -eq 1 ]; then
+			echo tail $tail_opts "$file" '|' jq -r ". ${filter_parts} | \"${output_parts}\""
+		else
+			tail $tail_opts "$file" | jq -r ". ${filter_parts} | \"${output_parts}\""
+		fi
+	else
+		if [ "$DEBUG" -eq 1 ]; then
 			echo jq -r ". ${filter_parts} | \"${output_parts}\"" "${file}"
 		else
 			jq -r ". ${filter_parts} | \"${output_parts}\"" "${file}"
 		fi
+	fi
 }

 ######################
@ -199,6 +210,10 @@ log_format() {
 # Enable enable debug output
 DEBUG=$((DEBUG == 1 ? 1 : 0))

+# Tail mode disabled by default
+tail_rows=15
+tail_mode=0
+
 debug "main: command_line options: $#"
 # Parse command line options
 while [ "$#" -gt 0 ]; do
@ -227,6 +242,20 @@ while [ "$#" -gt 0 ]; do
 			format="custom"
 			shift 2
 			;;
+		-t|--tail)
+			tail_mode=1
+			if [[ "$2" =~ ^[0-9]+$ ]]; then
+				tail_opts="-n $2"
+				shift 2
+			else
+				tail_opts="-n $tail_rows"
+				shift
+			fi
+			;;
+		-f|--follow)
+			tail_opts+=" -F"
+			shift
+			;;
 		-h|--help)
 			show_help
 			exit 0
@ -318,12 +347,12 @@ esac
 ####
 # Apaches common and combined log formats are widely supported
 # in log readers and easily read by humans.
-
-# https://httpd.apache.org/docs/current/da/logs.html
+#
+# https://httpd.apache.org/docs/current/en/logs.html
 #
 # Apache Commong Log format:
 # "%h %l %u %t \"%r\" %>s %b"
-
+#
 # Apache Combined LogFormat:
 # "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
 #