log_sense 1.3.2 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6498507bb6ae7e6ba5505609421154358790f095bd9cfe5ab912920b2409f7d1
-  data.tar.gz: 0ccb5fa005b8f1e47545bf98ce05273f07bd452d3be54c5bd1a7f124c96558d9
+  metadata.gz: 266e20972553f6d409814398dab832334a4c01bfa12e90c74acfdc75ee0b7c8d
+  data.tar.gz: 228e6bdc2d931e5190d82fc5ba66660ff6f0de0277a876746154de81a1ffe4e2
 SHA512:
-  metadata.gz: e12760ccdfc518c7221afa337f4ac1c8a77219cd3ed65510486e3ce945e6129519aa3fe93b05845a5430b9bc52359d70591e0fcbd346e971527af1760c304e5c
-  data.tar.gz: 8d38d8ed84287722b77f51599598b84a2257f9f86d2dd3815faf25dfb7db4ab16e68dbf737c7d005519ac5f9fe1d4b41cd896dfaf862eabb6a7dc4f033d2bb13
+  metadata.gz: f1454d78cfec258ff3bc69359be29178ebab4cf7ffd2869d736c29f2cffd6efe209f65be59298864bf94de30bd022a3397c91446b043c49e704b6d38ced59357
+  data.tar.gz: aa7239af4bb17270a23d9931194859b01a8ff50ebb9cc3c3ed37aeac1702aef413051b0381c57208dcffedd31ccbff5bd0a9485c0fe18947f540cda9f4463acd

data/CHANGELOG.org

@@ -2,6 +2,29 @@
 #+AUTHOR: Adolfo Villafiorita
 #+STARTUP: showall
 
+* 1.4.0
+
+- [User] The Apache Log report now organizes page requests in four
+  tables:
+  - success on HTML pages
+  - success on other resources
+  - failures on HTML pages
+  - failures on other resources
+- [User] Increased the default limit of pages in reports to 900
+- [User] The return status in now included in the page and resources
+  reports
+- [User] The "Attack" table has been removed, since the data can be
+  gotten from the previous tables
+- [Fixed] HTML pages are those with extension ".html" and ".htm"
+- [Fixed] Wrong data on summary table of the apache report has
+  been fixed
+- [Fixed] Better JavaScript escaping to avoid log poisoning
+- [Fixed] Strengthened the Apache log parser
+
+* 1.3.3 and 1.3.4
+
+- [Gem] Moved repository to Github and fixes to gemspec
+
 * 1.3.2
 
 - [Code] HTML reports now generate JSON data which is shared between

data/README.org

@@ -43,7 +43,7 @@ stored on your computer and owned by you (like it should be)[fn:1].
 LogSense is also inspired by *static websites generators*: statistics
 are generated from the command line and accessed as static HTML files.
 LogSense thus significantly reduces the attack surface of your
-webserver and installation headaches.  We have, for instance, a Cron
+web server and installation headaches.  We have, for instance, a cron
 job running on our servers, generating statistics at night.  The
 generated files are then made available on a private area on the web.
 
@@ -76,22 +76,23 @@ generated files are then made available on a private area on the web.
       -v, --version                    Prints version information
       -h, --help                       Prints this help
 
-  This is version 1.1.1
+  This is version 1.3.1
 
   Output formats
-  apache parsing can produce the following outputs:
-    - sqlite
-    - html
   rails parsing can produce the following outputs:
     - sqlite
     - txt
+    - html
+  apache parsing can produce the following outputs:
+    - sqlite
+    - html
   #+end_example
 
 Examples:
 
 #+begin_example sh
 log_sense -f apache -i access.log -t txt > access-data.txt
-log_sense -f rails -i production.log -t html > performance.txt
+log_sense -f rails -i production.log -t html -o performance.txt
 #+end_example
 
 * Change Log

data/lib/log_sense/apache_data_cruncher.rb

@@ -6,7 +6,7 @@ module LogSense
     # @ variables are automatically put in the returned data
     #
 
-    def self.crunch db, options = { limit: 30 }
+    def self.crunch db, options = { limit: 900 }
       first_day_s = db.execute "SELECT datetime from LogLine order by datetime limit 1"
       last_day_s  = db.execute "SELECT datetime from LogLine order by datetime desc limit 1"
 
@@ -89,16 +89,18 @@ module LogSense
 
       @daily_distribution = db.execute "SELECT date(datetime), #{human_readable_day}, count(datetime), count(distinct(unique_visitor)), #{human_readable_size} from LogLine  where #{filter} group by date(datetime)"
       @time_distribution = db.execute "SELECT strftime('%H', datetime), count(datetime), count(distinct(unique_visitor)), #{human_readable_size} from LogLine  where #{filter} group by strftime('%H', datetime)"
-      @most_requested_pages = db.execute "SELECT path, count(path), count(distinct(unique_visitor)), #{human_readable_size} from LogLine where extension == '.html' and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
-      @most_requested_resources = db.execute "SELECT path, count(path), count(distinct(unique_visitor)), #{human_readable_size} from LogLine  where #{filter} group by path order by count(path) desc limit #{options[:limit]}"
-      @missed_pages = db.execute "SELECT path, count(path), count(distinct(unique_visitor)) from LogLine where status == '404' and extension == '.html' and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
-      @missed_resources = db.execute "SELECT path, count(path), count(distinct(unique_visitor)) from LogLine where status == '404' and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
 
-      @reasonable_requests_exts = [ ".html", ".css", ".js", ".jpg", ".svg", ".png", ".woff", ".xml", ".ttf", ".ico", ".pdf", ".htm", ".txt", ".org" ].map {  |x|
-        "extension != '#{x}'"
-      }.join " and "
+      good_statuses = "(status like '2%' or status like '3%')"
+      bad_statuses = "(status like '4%' or status like '5%')"
+      html_page = "(extension like '.htm%')"
+      non_html_page = "(extension not like '.htm%')"
+
+      @most_requested_pages = db.execute "SELECT path, count(path), count(distinct(unique_visitor)), #{human_readable_size}, status from LogLine where #{good_statuses} and #{html_page} and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
+      @most_requested_resources = db.execute "SELECT path, count(path), count(distinct(unique_visitor)), #{human_readable_size}, status from LogLine where #{good_statuses} and #{non_html_page} and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
+
+      @missed_pages = db.execute "SELECT path, count(path), count(distinct(unique_visitor)), status from LogLine where #{bad_statuses} and #{html_page} and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
+      @missed_resources = db.execute "SELECT path, count(path), count(distinct(unique_visitor)), status from LogLine where #{bad_statuses} and #{filter} group by path order by count(path) desc limit #{options[:limit]}"
 
-      @attacks = db.execute "SELECT path, count(path), count(distinct(unique_visitor)) from LogLine where status == '404' and #{filter} and (#{@reasonable_requests_exts}) group by path order by count(path) desc  limit #{options[:limit]}"
       @statuses = db.execute "SELECT status, count(status) from LogLine where #{filter} group by status order by status"
 
       @by_day_4xx = db.execute "SELECT date(datetime), count(datetime) from LogLine where substr(status, 1,1) == '4' and #{filter} group by date(datetime)"

data/lib/log_sense/apache_log_line_parser.rb

@@ -33,20 +33,19 @@ module LogSense
 
     HTTP_METHODS=/GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH/
     WEBDAV_METHODS=/COPY|LOCK|MKCOL|MOVE|PROPFIND|PROPPATCH|UNLOCK/
-    OTHER_METHODS=/SEARCH|REPORT/
+    OTHER_METHODS=/SEARCH|REPORT|PRI|HEAD\/robots.txt/
     METHOD=/(?<method>#{HTTP_METHODS}|#{WEBDAV_METHODS}|#{OTHER_METHODS})/
-    PROTOCOL=/(?<protocol>HTTP\/[0-9]\.[0-9])/
+    PROTOCOL=/(?<protocol>HTTP\/[0-9]\.[0-9]|-|.*)/
     URL=/(?<url>[^ ]+)/
-    REFERER=/(?<referer>[^ ]+)/
+    REFERER=/(?<referer>[^"]*)/
     RETURN_CODE=/(?<status>[1-5][0-9][0-9])/
     SIZE=/(?<size>[0-9]+|-)/
-
-    USER_AGENT = /(?<user_agent>[^"]+)/
+    USER_AGENT = /(?<user_agent>[^"]*)/
 
     attr_reader :format
 
     def initialize 
-      @format = /#{IP} #{IDENT} #{USERID} \[#{TIMESTAMP}\] "#{METHOD} #{URL} #{PROTOCOL}" #{RETURN_CODE} #{SIZE} "#{REFERER}" "#{USER_AGENT}"/
+      @format = /#{IP} #{IDENT} #{USERID} \[#{TIMESTAMP}\] "(#{METHOD} #{URL} #{PROTOCOL}|-|.+)" #{RETURN_CODE} #{SIZE} "#{REFERER}" "#{USER_AGENT}"/
     end
 
     def parse line

data/lib/log_sense/emitter.rb

@@ -40,5 +40,25 @@ module LogSense
       ERB.new(erb_template).result(OpenStruct.new(vars).instance_eval { binding })
     end
 
+    def self.escape_javascript(string)
+      js_escape_map = {
+        "<script" => "&lt;script",
+        "</script" => "&lt;/script",
+        "<" => "&lt;",
+        "</" => '&lt;\/',
+        "\\" => "\\\\",
+        "\r\n" => '\\r\\n',
+        "\n" => '\\n',
+        "\r" => '\\r',
+        '"' => ' \\"',
+        "'" => " \\'",
+        "`" => " \\`",
+        "$" => " \\$"
+      }
+      js_escape_map.each do |k, v|
+        string = string.gsub(k, v)
+      end
+      string
+    end
   end
 end

data/lib/log_sense/options_parser.rb

@@ -8,7 +8,7 @@ module LogSense
     # parse command line options
     #
     def self.parse options
-      limit = 30
+      limit = 900
       args = {} 
 
       opt_parser = OptionParser.new do |opts|

data/lib/log_sense/rails_data_cruncher.rb

@@ -7,7 +7,7 @@ module LogSense
     # @ variables are automatically put in the returned data
     #
 
-    def self.crunch db, options = { limit: 30 }
+    def self.crunch db, options = { limit: 900 }
       first_day_s = db.execute "SELECT started_at from Event where started_at not NULL order by started_at limit 1"
       # we could use ended_at to cover the full activity period, but I prefer started_at
       # with the meaning that the monitor event initiation

data/lib/log_sense/templates/_output_table.html.erb

@@ -19,6 +19,7 @@ end
  $(document).ready(function(){
    $('#table-<%= index %>').dataTable({
      data: data_<%= index %>,
+     <%= report[:datatable_options] + "," if report[:datatable_options] %>
      columns: [
        <% report[:header].each do |header| %>
        { data: '<%= header %>', className: '<%= slugify(header) %>' },

data/lib/log_sense/templates/_report_data.html.erb

@@ -4,7 +4,8 @@
    <% report[:rows].each do |row| %>
    {
      <% report[:header].each_with_index do |h, i| %>
-     "<%= h %>": <%= (row[i].class == Integer or row[i].class == Float) ? row[i] : "\"#{row[i]}\"" %>,
+     <% resized_row = (row[i] || '').size > 150 ? "#{row[i][0..150]...}" : (row[i] || "") %>
+     "<%= h %>": <%= (row[i].class == Integer or row[i].class == Float) ? row[i] : "\"#{Emitter::escape_javascript(resized_row)}\"" %>,
      <% end %>
    },
    <% end %>

data/lib/log_sense/templates/_summary.html.erb

@@ -17,7 +17,12 @@
     <%= data[:total_unique_visits] %> <span class="stats-list-label">Unique Visits</span>
   </li>
   <li class="stats-list-negative">
-    <%= data[:total_unique_visits] != 0 ? data[:total_hits] / data[:total_unique_visits] : "N/A" %>
+    <% days = data[:last_day_in_analysis] - data[:first_day_in_analysis] %>
+    <%= days > 0 ? "%.2f" % (data[:total_unique_visits] / days.to_f) : "N/A" %>
     <span class="stats-list-label">Unique Visits / Day</span>
   </li>
+  <li class="stats-list-negative">
+    <%= data[:total_unique_visits] != 0 ? data[:total_hits] / data[:total_unique_visits] : "N/A" %>
+    <span class="stats-list-label">Page Visited / Unique Visitor</span>
+  </li>
 </ul>

data/lib/log_sense/templates/apache.html.erb

@@ -157,11 +157,10 @@
                   "Log Structure",
                   "Daily Distribution",
                   "Time Distribution",
-                  "Most Requested Pages",
-                  "Most Requested Resources",
-                  "404 on HTML Files",
-                  "404 on other Resources",
-                  "Attacks",
+                  "20_ and 30_ on HTML pages",
+                  "20_ and 30_ on other resources",
+                  "40_ and 50_ on HTML pages",
+                  "40_ and 50_ on other Resources",
                   "Statuses",
                   "Daily Statuses",
                   "Browsers",
@@ -319,14 +318,26 @@
                 }
               }
             },
-            { title: "Most Requested Pages",
-              header: ["Path", "Hits", "Visits", "Size"],
+            { title: "20_ and 30_ on HTML pages",
+              header: ["Path", "Hits", "Visits", "Size", "Status"],
               rows: data[:most_requested_pages],
+              datatable_options: "columnDefs: [{ width: \"40%\", targets: 0 } ]"
+            },
+            { title: "20_ and 30_ on other resources",
+              header: ["Path", "Hits", "Visits", "Size", "Status"],
+              rows: data[:most_requested_resources],
+              datatable_options: "columnDefs: [{ width: \"40%\", targets: 0 } ]"
+            },
+            { title: "40_ and 50_x on HTML pages",
+              header: ["Path", "Hits", "Visits", "Status"],
+              rows: data[:missed_pages],
+              datatable_options: "columnDefs: [{ width: \"40%\", targets: 0 } ]"
+            },
+            { title: "40_ and 50_ on other resources",
+              header: ["Path", "Hits", "Visits", "Status"],
+              rows: data[:missed_resources],
+              datatable_options: "columnDefs: [{ width: \"40%\", targets: 0 } ]"
             },
-            { title: "Most Requested Resources", header: ["Path", "Hits", "Visits", "Size"], rows: data[:most_requested_resources] },
-            { title: "404 on HTML Files", header: ["Path", "Hits", "Visits"], rows: data[:missed_pages] },
-            { title: "404 on other Resources", header: ["Path", "Hits", "Visits"], rows: data[:missed_resources] },
-            { title: "Attacks", header: ["Path", "Hits", "Visits"], rows: data[:attacks], col: "small-12 cell" },
             { title: "Statuses",
               header: ["Status", "Count"],
               rows: data[:statuses],
@@ -494,10 +505,10 @@
                     <th>IP</th>
                     <th>
                       <div class="grid-x grid-margin-x">
-                        <div class="col-2 cell">
+                        <div class="small-2 cell">
                           Day
                         </div>
-                        <div class="col-10 cell">
+                        <div class="small-10 cell">
                           Resources
                         </div>
                       </div>
@@ -513,26 +524,25 @@
                       <td class="streaks">
                         <div class="grid-x grid-margin-x">
                           <% date_urls.group_by { |x| x[1] }.each do |date, urls| %>
-                            <div class="col-2 cell">
+                            <div class="small-12 medium-1 cell">
                               <span class="date"><%= date %></span>
                             </div>
-                            <div class="col-10 cell grid-x">
-                              <div class="small-12 medium-6 cell">
-                                <span class="res-title">HTML:</span>
-                                <ul>
-                                  <% urls.map { |x| x[2] }.compact.select { |x| x.match /.*\.html?/ }.each do |url| %>
-                                    <li><%= url %></li>
-                                  <% end %>
-                                </ul>
-                              </div>                              
-                              <div class=" small-12 medium-6 cell">
-                                <span class="res-title small-12 medium-6 cell">Other Resources:</span>
-                                <ul>
-                                  <% urls.map { |x| x[2] }.compact.sort.select { |x| x and not x.match /.*\.html?/ }.each do |url| %>
-                                    <li><%= url %></li>
-                                  <% end %>
-                                </ul>
-                              </div>
+                            <div class="small-12 medium-5 cell">
+                              <span class="res-title">HTML:</span>
+                              <% unique_with_count = urls.map { |x| x[2] }.compact.group_by{|e| e}.map{|k, v| [k, v.length]} %>
+                              <ul class="no-bullet">
+                                <% unique_with_count.select { |x| x[0].match /.*\.html?/ }.each do |url| %>
+                                  <li>[<%= url[1] %>] <%= Emitter::escape_javascript url[0] %></li>
+                                <% end %>
+                              </ul>
+                            </div>                              
+                            <div class=" small-12 medium-5 cell">
+                              <span class="res-title">Other Resources:</span>
+                              <ul class="no-bullet">
+                                <% unique_with_count.select { |x| x[0] and ! x[0].match /.*\.html?/ }.each do |url| %>
+                                  <li>[<%= url[1] %>] <%= Emitter::escape_javascript url[0] %></li>
+                                <% end %>
+                              </ul>
                             </div>
                           <% end %>
                         </div>

data/lib/log_sense/templates/rails.html.erb

@@ -308,7 +308,24 @@
               vega_spec: {
                 "layer": [
                   {
-                    "mark": "point"
+                    "mark": {
+                      "type": "point",
+                      "name": "data_points"
+                    }
+                  },
+                  {
+                    "mark": {
+                      "name": "label",
+                      "type": "text",
+                      "align": "left",
+                      "baseline": "middle",
+                      "dx": 5,
+                      "yOffset": 0
+                    },
+                    "encoding": {
+                      "text": {"field": "Controller"},
+                      "fontSize": {"value": 8}
+                    },
                   },
                 ],
                 "encoding": {

data/lib/log_sense/version.rb

@@ -1,3 +1,3 @@
 module LogSense
-  VERSION = "1.3.2"
+  VERSION = "1.4.0"
 end

data/log_sense.gemspec

@@ -1,38 +1,38 @@
 require_relative 'lib/log_sense/version'
 
 Gem::Specification.new do |spec|
-  spec.name          = "log_sense"
+  spec.name          = 'log_sense'
   spec.version       = LogSense::VERSION
-  spec.authors       = ["Adolfo Villafiorita"]
-  spec.email         = ["adolfo.villafiorita@ict4g.net"]
+  spec.authors       = ['Adolfo Fibrillation']
+  spec.email         = ['adolfo@shair.tech']
 
-  spec.summary       = %q{Generate analytics from an Apache and Rails log file.}
-  spec.description   = %q{Generate analystics in HTML, txt, and SQLite format from an Apache and Rails log files.}
-  spec.homepage      = "https://www.ict4g.net/gitea/adolfo/log_sense"
-  spec.license       = "MIT"
-  spec.required_ruby_version = Gem::Requirement.new(">= 2.6.9")
+  spec.summary       = %q{Generate analytics for Apache and Rails log file.}
+  spec.description   = %q{Generate analytics in HTML, txt, and SQLite format for Apache and Rails log files.}
+  spec.homepage      = 'https://github.com/shair-tech/log_sense/log_sense'
+  spec.license       = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.6.9')
 
-  spec.metadata["allowed_push_host"] = "https://rubygems.org/"
+  spec.metadata['allowed_push_host'] = 'https://rubygems.org/'
 
-  spec.metadata["homepage_uri"] = spec.homepage
-  spec.metadata["source_code_uri"] = "https://www.ict4g.net/gitea/adolfo/log_sense"
-  spec.metadata["changelog_uri"] = "https://www.ict4g.net/gitea/adolfo/log_sense/CHANGELOG.org"
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = 'https://github.com/shair-tech/log_sense/log_sense'
+  spec.metadata['changelog_uri'] = 'https://github.com/shair-tech/log_sense/blob/main/CHANGELOG.org'
 
   # Specify which files should be added to the gem when it is released.
   # The `git ls-files -z` loads the files in the RubyGem that have been added into git.
   spec.files         = Dir.chdir(File.expand_path('..', __FILE__)) do
     `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
   end
-  spec.bindir        = "exe"
+  spec.bindir        = 'exe'
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ["lib"]
+  spec.require_paths = ['lib']
 
-  spec.add_dependency "browser"
-  spec.add_dependency "ipaddr"
-  spec.add_dependency "iso_country_codes"
-  spec.add_dependency "sqlite3"
-  spec.add_dependency "terminal-table"
+  spec.add_dependency 'browser'
+  spec.add_dependency 'ipaddr'
+  spec.add_dependency 'iso_country_codes'
+  spec.add_dependency 'sqlite3'
+  spec.add_dependency 'terminal-table'
 
   spec.add_development_dependency 'byebug'
-  spec.add_development_dependency "minitest"
+  spec.add_development_dependency 'minitest'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: log_sense
 version: !ruby/object:Gem::Version
-  version: 1.3.2
+  version: 1.4.0
 platform: ruby
 authors:
-- Adolfo Villafiorita
+- Adolfo Fibrillation
 autorequire:
 bindir: exe
 cert_chain: []
-date: 2022-01-12 00:00:00.000000000 Z
+date: 2022-03-05 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: browser
@@ -108,10 +108,10 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-description: Generate analystics in HTML, txt, and SQLite format from an Apache and
-  Rails log files.
+description: Generate analytics in HTML, txt, and SQLite format for Apache and Rails
+  log files.
 email:
-- adolfo.villafiorita@ict4g.net
+- adolfo@shair.tech
 executables:
 - log_sense
 extensions: []
@@ -155,14 +155,14 @@ files:
 - sample_logs/empty_log.log
 - sample_logs/safety-critical_org.log
 - sample_logs/spmbook_com.log
-homepage: https://www.ict4g.net/gitea/adolfo/log_sense
+homepage: https://github.com/shair-tech/log_sense/log_sense
 licenses:
 - MIT
 metadata:
   allowed_push_host: https://rubygems.org/
-  homepage_uri: https://www.ict4g.net/gitea/adolfo/log_sense
-  source_code_uri: https://www.ict4g.net/gitea/adolfo/log_sense
-  changelog_uri: https://www.ict4g.net/gitea/adolfo/log_sense/CHANGELOG.org
+  homepage_uri: https://github.com/shair-tech/log_sense/log_sense
+  source_code_uri: https://github.com/shair-tech/log_sense/log_sense
+  changelog_uri: https://github.com/shair-tech/log_sense/blob/main/CHANGELOG.org
 post_install_message:
 rdoc_options: []
 require_paths:
@@ -181,5 +181,5 @@ requirements: []
 rubygems_version: 3.0.3.1
 signing_key:
 specification_version: 4
-summary: Generate analytics from an Apache and Rails log file.
+summary: Generate analytics for Apache and Rails log file.
 test_files: []