Log Searcher is a Python script for searching through large log files for specific patterns using regular expressions. It's designed to be fast, using multi-threading to speed up the search process. The script also supports searching in subfolders and outputting the results in a JSON format.
- Python 3.x
- No external libraries are required.
- Clone the repository:
  git clone https://github.com/mikensec/logsearcher.git
- Navigate to the folder containing the log_searcher.py file.
- Make the script executable:
  On Linux or macOS:
  chmod +x log_searcher.py
  On Windows: no need to make it executable; just run it with Python.
- Run the script:
  On Linux or macOS:
  ./log_searcher.py /path/to/logs "string1" "string2" --output my_results.json
  On Windows:
  python log_searcher.py C:\path\to\logs "string1" "string2" --output my_results.json
- For a simple string search, just include the string in quotes: "string"
- To require that a line contain several terms, put and (case-insensitive) between them as a separate, unquoted word: "string1" and "string2"
- To search for any of several alternatives, put or (case-insensitive) between them: "string1" or "string2"
- If you provide terms without and or or, the script searches for each term individually across all log files.
- Search terms are regular expressions, so characters such as ., (, + and ? are interpreted as pattern syntax; escape them with a backslash when you want them matched literally.
- Search for IP addresses in the range 10.254.0.0/24:
  ./log_searcher.py /path/to/logs "^10\.254\.0\.([0-9]{1,2}|[01][0-9]{2}|2[0-4][0-9]|25[0-5])$"
  Because this pattern is anchored with ^ and $, it only matches lines that consist of nothing but the address. To find addresses embedded in a longer log line (for example after "from"), replace the ^ and $ anchors with \b word boundaries.
- Search for logs containing both error and successful:
  ./log_searcher.py /path/to/logs "error" and "successful"
- Save search results to a file:
  ./log_searcher.py /path/to/logs "error" --output results.json
  Use the --output flag followed by a filename to write the results to a JSON file. When --output is given, the results are still printed on the terminal as well.
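The example below is an added, self-contained illustration of the search behaviour this README describes (recursive walk, and/or/bare-term queries, regex matching in a thread pool, JSON output); it is not the project's log_searcher.py and makes its own assumptions. In particular the way and/or are parsed (mixing them is rejected), the file/line/text shape of the JSON records, and the case-sensitive default of the regex engine are choices made here, not documented project behaviour. The OCTET, RANGE_ANCHORED and RANGE_BOUNDED names and the sample log lines are constructed for the demo; the anchored pattern is the README's 10.254.0.0/24 example and the bounded one is the word-boundary variant mentioned above.

```python
import json
import re
import tempfile
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path

# Hypothetical names for the README's 10.254.0.0/24 pattern. RANGE_ANCHORED is
# the README's version (^ ... $); RANGE_BOUNDED swaps the anchors for \b so the
# address is also found inside a longer log line.
OCTET = r"([0-9]{1,2}|[01][0-9]{2}|2[0-4][0-9]|25[0-5])"
RANGE_ANCHORED = r"^10\.254\.0\." + OCTET + r"$"
RANGE_BOUNDED = r"\b10\.254\.0\." + OCTET + r"\b"


def parse_terms(args):
    """Map the README's term syntax to (mode, compiled patterns).

    "a" and "b" -> every pattern must match a line; "a" or "b" -> any may.
    Bare terms behave like "or" (each term is searched individually).
    Operator words are case-insensitive. Mixing and/or is rejected because
    the README defines no precedence. Assumed behaviour, not the project's.
    """
    ops = {a.lower() for a in args if a.lower() in ("and", "or")}
    if len(ops) > 1:
        raise ValueError("cannot mix 'and' and 'or' in one query")
    mode = "and" if "and" in ops else "or"
    patterns = [re.compile(a) for a in args if a.lower() not in ("and", "or")]
    if not patterns:
        raise ValueError("no search terms given")
    return mode, patterns


def search_file(path, mode, patterns):
    """Return every matching line of one file as a file/line/text record."""
    hits = []
    # errors="replace": a single undecodable byte must not abort the search
    with open(path, encoding="utf-8", errors="replace") as fh:
        for lineno, line in enumerate(fh, 1):
            found = [p.search(line) is not None for p in patterns]
            ok = all(found) if mode == "and" else any(found)
            if ok:
                hits.append({"file": str(path), "line": lineno,
                             "text": line.rstrip("\n")})
    return hits


def search_logs(root, args, workers=4):
    """Search every file below root (subfolders included) using a thread pool."""
    mode, patterns = parse_terms(args)
    files = sorted(p for p in Path(root).rglob("*") if p.is_file())
    with ThreadPoolExecutor(max_workers=workers) as pool:
        per_file = pool.map(lambda p: search_file(p, mode, patterns), files)
    return [hit for hits in per_file for hit in hits]


def write_json(path, results):
    """Write the records as a JSON array, like the README's --output file."""
    Path(path).write_text(json.dumps(results, indent=2), encoding="utf-8")
    return len(results)


def build_demo_tree():
    """Constructed sample logs (not real data) in a fresh temporary directory."""
    root = Path(tempfile.mkdtemp(prefix="logsearch_"))
    (root / "sub").mkdir()
    (root / "app.log").write_text(
        "2024-01-01T10:00:00 info login successful for alice from 10.254.0.17\n"
        "2024-01-01T10:00:05 error login failed for bob from 10.254.1.9\n"
        "2024-01-01T10:00:09 error retry successful for bob from 10.254.0.255\n",
        encoding="utf-8")
    (root / "sub" / "auth.log").write_text(
        "10.254.0.3\n"
        "connection from 10.254.0.256 rejected\n", encoding="utf-8")
    return root


def demo():
    """Run the README's example queries against the sample tree."""
    root = build_demo_tree()
    counts = {
        "and": len(search_logs(root, ["error", "and", "successful"])),
        "or": len(search_logs(root, ["error", "or", "successful"])),
        "single": len(search_logs(root, ["failed"])),
        # ^...$ matches only the line that is nothing but the address
        "anchored": len(search_logs(root, [RANGE_ANCHORED])),
        # \b...\b also finds addresses embedded in longer lines (256 is rejected)
        "bounded": len(search_logs(root, [RANGE_BOUNDED])),
    }
    counts["written"] = write_json(root / "results.json",
                                   search_logs(root, [RANGE_BOUNDED]))
    return counts


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Two caveats worth keeping in mind with any tool of this shape. First, the terms are user-supplied regular expressions, and Python's re module has no timeout, so a pathological pattern such as (a+)+$ run over a long line can stall a worker indefinitely; only accept patterns from people you trust, or bound line length. Second, CPython's re matching runs under the GIL, so a thread pool mostly overlaps file I/O rather than parallelising the matching itself; for CPU-bound searches over many files a process pool scales better.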