CLI for querying graylog logging server

Project description

Bonfire is a command line interface to query Graylog searches via the REST API. It tries to emulate the feeling of using tail on a local file.

Usage

Examples:

> bonfire -h logserver -u jdoe -@ "10 minutes ago" "*"
...

> bonfire -h logserver -u jdoe -f "source:localhost AND level:2"
...

Bonfire usage:

Usage: bonfire [OPTIONS] [QUERY]

  Bonfire - An interactive graylog cli client

Options:
  --node TEXT                     Label of a preconfigured graylog node
  -h, --host TEXT                 Your graylog node's host
  -s, --tls                       Use HTTPS
  --port INTEGER                  Your graylog port (default: 12900)
  --endpoint TEXT                 Your graylog API endpoint e.g /api (default:
                                  /)
  -u, --username TEXT             Your graylog username
  -p, --password TEXT             Your graylog password (default: prompt)
  -k, --keyring / -nk, --no-keyring
                                  Use keyring to store/retrieve password
  -@, --search-from TEXT          Query range from
  -#, --search-to TEXT            Query range to (default: now)
  -t, --tail                      Show the last n lines for the query
                                  (default)
  -d, --dump                      Print the query result as a csv
  -f, --follow                    Poll the logging server for new logs
                                  matching the query (sets search from to now,
                                  limit to None)
  -l, --interval INTEGER          Polling interval in ms (default: 1000)
  -n, --limit INTEGER             Limit the number of results (default: 10)
  -a, --latency INTEGER           Latency of polling queries (default: 2)
  -r, --stream TEXT               Stream ID of the stream to query (default:
                                  no stream filter)
  -e, --field TEXT                Fields to include in the query result
  -x, --template-option TEXT      Template options for the stored query
  -s, --sort TEXT                 Field used for sorting (default: timestamp)
  --asc / --desc                  Sort ascending / descending
  --help                          Show this message and exit.

Configuration

Bonfire can be configured. It will look for a ~/.bonfire.cfg or a bonfire.cfg (in the current directory). The configuration file can specify API nodes. If no host is specified a node with the name default will be used. You can also configure queries which can be referenced by starting your query with a colon:

[node:default]
host=1.2.3.4
port=12900
endpoint=/
username=jdoe

[node:dev]
host=4.3.2.1
port=9000
endpoint=/api
username=jdoe
password=H4rrH4rrB0bba

[query:example]
query=facility:*foo* AND source:*bar*
from=2015-03-01 15:00:00
limit=100
fields=message,name,facility,source

Now you can run queries such as:

> bonfire --node=dev :example
... runs the example query on the node dev

> bonfire :example
... runs the example query on the default node
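The `[node:dev]` section above keeps the password in the configuration file itself. The following audit is an added example, not part of Bonfire: it flags node sections that store a password and reports when such a file is accessible to group or other. The function names and sample values are assumptions made for the illustration.

```python
import configparser
import os
import stat
import tempfile

# Constructed sample in the layout shown above (values are made up).
SAMPLE_CFG = """\
[node:default]
host=192.0.2.10
username=jdoe

[node:dev]
host=192.0.2.20
username=jdoe
password=not-a-real-secret

[query:example]
query=facility:*foo* AND source:*bar*
"""

def audit_bonfire_cfg(path):
    """Return findings about stored passwords in a bonfire-style config."""
    findings = []
    # interpolation=None: a '%' in a password must not be treated as syntax.
    parser = configparser.ConfigParser(interpolation=None)
    with open(path) as fh:
        parser.read_file(fh)
    exposed = [s.split(":", 1)[1] for s in parser.sections()
               if s.startswith("node:") and parser.get(s, "password", fallback="")]
    for node in exposed:
        findings.append(f"node '{node}': password stored in plaintext")
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if exposed and mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append(f"mode {mode:03o}: file with password is accessible to group/other")
    return findings

def demo(mode=0o644):
    """Write the sample to a temp file with the given mode and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "bonfire.cfg")
        with open(path, "w") as fh:
            fh.write(SAMPLE_CFG)
        os.chmod(path, mode)
        return audit_bonfire_cfg(path)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

A node flagged here can drop its `password` line in favour of the password prompt or the `-k, --keyring` option listed in the usage output above.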

Query Templates

Options

Queries

Testing

Cf. the travis script for running tests. Make sure you disable proxies / set noproxy if you’re using a proxy, to be able to reach the test dummy server (called dummyserver), e.g.:

> env no_proxy=dummyhost python setup.py test

Known Bugs

  • bonfire expects graylog’s timezone to be UTC.

Development

When you want to release a new version, do the following:

  • bring your git tree in order, cut the release, and tag it with the desired version

  • install necessary pip packages: > python3 -m pip install --user --upgrade setuptools wheel twine

  • bundle your release: > python3 setup.py sdist bdist_wheel

  • publish it: > python3 -m twine upload dist/*

Note that if you have several different versions in dist, you might want to specify which one you want to publish.

Release Notes

  • v0.0.7: Issue fixes, TLS and Proxy support
    • Adds support for proxies

    • Adds support for https urls

    • Add timestamps to the dump format

  • v0.0.6: Documentation fix
    • Change of README.rst

  • v0.0.5: Clean up
    • Removed terminal UI ideas

    • Added first tests

    • Fixed date and time handling with timezones

    • Added python3 compatibility

  • v0.0.4: Extended documentation & stream access
    • Use the first stream the user has access to if no stream is specified and the user has no global search rights

  • v0.0.3: Small fixes
    • Use accept header in GET requests.

    • Fix bug when querying specific fields

  • v0.0.1: Initial release
    • Limited feature set.

Download files

Source Distribution

bonfire-1.0.0rc1.tar.gz (15.3 kB view details)

Uploaded Source

Built Distribution

bonfire-1.0.0rc1-py3-none-any.whl (18.7 kB view details)

Uploaded Python 3

File details

Details for the file bonfire-1.0.0rc1.tar.gz.

File metadata

  • Download URL: bonfire-1.0.0rc1.tar.gz
  • Upload date:
  • Size: 15.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.6.1 pkginfo/1.7.0 requests/2.22.0 requests-toolbelt/0.9.1 tqdm/4.61.2 CPython/3.6.9

File hashes

Hashes for bonfire-1.0.0rc1.tar.gz
Algorithm Hash digest
SHA256 ac5eef24a8bac8519d1872d1a4a49a431b5d2c2d8b05d13c4ad30b56f869a3a6
MD5 0b0c0dbf1a0cb36d752f6ff4914f2074
BLAKE2b-256 d4e1bd39f49469c45b5db5d49b05ba455e2c74fa1bbd92a9b6e0a09f38dd5094

File details

Details for the file bonfire-1.0.0rc1-py3-none-any.whl.

File metadata

  • Download URL: bonfire-1.0.0rc1-py3-none-any.whl
  • Upload date:
  • Size: 18.7 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.4.1 importlib_metadata/4.6.1 pkginfo/1.7.0 requests/2.22.0 requests-toolbelt/0.9.1 tqdm/4.61.2 CPython/3.6.9

File hashes

Hashes for bonfire-1.0.0rc1-py3-none-any.whl
Algorithm Hash digest
SHA256 9a09bf8c7b5deedd06a9bb6f1cf287becbcc206a08dfd8e70a91cda12701f709
MD5 9cbcbffe3f8efa8ae4e867ab03adb96e
BLAKE2b-256 af5616e965a83dc524106f484706e434ec4232b4259eff54422562539534163a
