logtap 0.2.0__py3-none-any.whl

logtap/cli/commands/query.py

@@ -0,0 +1,127 @@
+"""Query command for logtap CLI."""
+
+from typing import Optional
+
+import typer
+from rich.console import Console
+from rich.panel import Panel
+
+console = Console()
+
+
+def query(
+    filename: str = typer.Argument(
+        "syslog",
+        help="Name of the log file to query.",
+    ),
+    server: str = typer.Option(
+        "http://localhost:8000",
+        "--server",
+        "-s",
+        help="URL of the logtap server.",
+        envvar="LOGTAP_SERVER",
+    ),
+    term: Optional[str] = typer.Option(
+        None,
+        "--term",
+        "-t",
+        help="Substring to search for.",
+    ),
+    regex: Optional[str] = typer.Option(
+        None,
+        "--regex",
+        "-r",
+        help="Regex pattern to match.",
+    ),
+    limit: int = typer.Option(
+        50,
+        "--limit",
+        "-n",
+        help="Number of lines to return.",
+    ),
+    api_key: Optional[str] = typer.Option(
+        None,
+        "--api-key",
+        "-k",
+        help="API key for authentication.",
+        envvar="LOGTAP_API_KEY",
+    ),
+    output: str = typer.Option(
+        "pretty",
+        "--output",
+        "-o",
+        help="Output format: pretty, json, plain.",
+    ),
+    case_sensitive: bool = typer.Option(
+        True,
+        "--case-sensitive/--ignore-case",
+        "-c/-i",
+        help="Whether search is case-sensitive.",
+    ),
+) -> None:
+    """
+    Query logs from a logtap server.
+
+    Example:
+        logtap query syslog
+        logtap query auth.log --term "Failed password"
+        logtap query syslog --regex "error.*connection" --limit 100
+    """
+
+    import httpx
+
+    # Build request
+    headers = {}
+    if api_key:
+        headers["X-API-Key"] = api_key
+
+    params = {
+        "filename": filename,
+        "limit": limit,
+        "case_sensitive": case_sensitive,
+    }
+    if term:
+        params["term"] = term
+    if regex:
+        params["regex"] = regex
+
+    try:
+        with httpx.Client(timeout=30.0) as client:
+            response = client.get(f"{server}/logs", params=params, headers=headers)
+
+        if response.status_code != 200:
+            error_detail = response.json().get("detail", response.text)
+            console.print(f"[bold red]Error:[/bold red] {error_detail}")
+            raise typer.Exit(1)
+
+        data = response.json()
+        lines = data.get("lines", [])
+        count = data.get("count", len(lines))
+
+        # Format output
+        if output == "json":
+            console.print_json(data=data)
+        elif output == "plain":
+            for line in lines:
+                console.print(line)
+        else:
+            # Pretty output with panel
+            if lines:
+                content = "\n".join(lines)
+                panel = Panel(
+                    content,
+                    title=f"[bold blue]{filename}[/bold blue]",
+                    subtitle=f"[dim]{count} lines[/dim]",
+                    border_style="blue",
+                )
+                console.print(panel)
+            else:
+                console.print(f"[dim]No matching lines found in {filename}[/dim]")
+
+    except httpx.ConnectError:
+        console.print(f"[bold red]Error:[/bold red] Could not connect to {server}")
+        console.print("[dim]Is the logtap server running? Start it with 'logtap serve'[/dim]")
+        raise typer.Exit(1)
+    except Exception as e:
+        console.print(f"[bold red]Error:[/bold red] {e}")
+        raise typer.Exit(1)

logtap/cli/commands/serve.py

@@ -0,0 +1,78 @@
+"""Server command for logtap CLI."""
+
+from typing import Optional
+
+import typer
+from rich.console import Console
+
+console = Console()
+
+
+def serve(
+    host: str = typer.Option(
+        "0.0.0.0",
+        "--host",
+        "-h",
+        help="Host to bind to.",
+    ),
+    port: int = typer.Option(
+        8000,
+        "--port",
+        "-p",
+        help="Port to bind to.",
+    ),
+    reload: bool = typer.Option(
+        False,
+        "--reload",
+        "-r",
+        help="Enable auto-reload for development.",
+    ),
+    api_key: Optional[str] = typer.Option(
+        None,
+        "--api-key",
+        "-k",
+        help="API key for authentication. Can also be set via LOGTAP_API_KEY env var.",
+        envvar="LOGTAP_API_KEY",
+    ),
+    log_dir: str = typer.Option(
+        "/var/log",
+        "--log-dir",
+        "-d",
+        help="Directory containing log files.",
+        envvar="LOGTAP_LOG_DIRECTORY",
+    ),
+) -> None:
+    """
+    Start the logtap API server.
+
+    Example:
+        logtap serve
+        logtap serve --port 9000
+        logtap serve --api-key mysecretkey
+    """
+    import os
+
+    import uvicorn
+
+    # Set environment variables for the app
+    os.environ["LOGTAP_HOST"] = host
+    os.environ["LOGTAP_PORT"] = str(port)
+    os.environ["LOGTAP_LOG_DIRECTORY"] = log_dir
+    if api_key:
+        os.environ["LOGTAP_API_KEY"] = api_key
+
+    console.print("[bold green]Starting logtap server[/bold green]")
+    console.print(f"  [dim]Host:[/dim] {host}")
+    console.print(f"  [dim]Port:[/dim] {port}")
+    console.print(f"  [dim]Log directory:[/dim] {log_dir}")
+    console.print(f"  [dim]Auth:[/dim] {'enabled' if api_key else 'disabled'}")
+    console.print()
+    console.print(f"[dim]API docs available at[/dim] http://{host}:{port}/docs")
+    console.print()
+
+    uvicorn.run(
+        "logtap.api.app:app",
+        host=host,
+        port=port,
+        reload=reload,
+    )

logtap/cli/commands/tail.py

@@ -0,0 +1,121 @@
+"""Tail command for logtap CLI - real-time log streaming."""
+
+from typing import Optional
+
+import typer
+from rich.console import Console
+
+console = Console()
+
+
+def tail(
+    filename: str = typer.Argument(
+        "syslog",
+        help="Name of the log file to tail.",
+    ),
+    server: str = typer.Option(
+        "http://localhost:8000",
+        "--server",
+        "-s",
+        help="URL of the logtap server.",
+        envvar="LOGTAP_SERVER",
+    ),
+    follow: bool = typer.Option(
+        False,
+        "--follow",
+        "-f",
+        help="Follow log output (like tail -f). Requires WebSocket support.",
+    ),
+    lines: int = typer.Option(
+        10,
+        "--lines",
+        "-n",
+        help="Number of lines to show initially.",
+    ),
+    api_key: Optional[str] = typer.Option(
+        None,
+        "--api-key",
+        "-k",
+        help="API key for authentication.",
+        envvar="LOGTAP_API_KEY",
+    ),
+) -> None:
+    """
+    Tail a log file, optionally following new entries.
+
+    Example:
+        logtap tail syslog
+        logtap tail auth.log -f
+        logtap tail syslog --lines 100
+    """
+    import httpx
+
+    # First, get initial lines
+    headers = {}
+    if api_key:
+        headers["X-API-Key"] = api_key
+
+    params = {
+        "filename": filename,
+        "limit": lines,
+    }
+
+    try:
+        with httpx.Client(timeout=30.0) as client:
+            response = client.get(f"{server}/logs", params=params, headers=headers)
+
+        if response.status_code != 200:
+            error_detail = response.json().get("detail", response.text)
+            console.print(f"[bold red]Error:[/bold red] {error_detail}")
+            raise typer.Exit(1)
+
+        data = response.json()
+        log_lines = data.get("lines", [])
+
+        # Print initial lines
+        for line in log_lines:
+            console.print(line)
+
+        if follow:
+            console.print()
+            console.print("[dim]Streaming new entries... (Ctrl+C to stop)[/dim]")
+            console.print()
+
+            # Stream new entries via WebSocket
+            import asyncio
+
+            async def stream_logs():
+                import websockets
+
+                ws_url = server.replace("http://", "ws://").replace("https://", "wss://")
+                ws_url = f"{ws_url}/logs/stream?filename={filename}"
+
+                extra_headers = {}
+                if api_key:
+                    extra_headers["X-API-Key"] = api_key
+
+                try:
+                    async with websockets.connect(ws_url, extra_headers=extra_headers) as ws:
+                        async for message in ws:
+                            console.print(message)
+                except websockets.exceptions.InvalidStatusCode as e:
+                    if e.status_code == 404:
+                        console.print("[yellow]Streaming not available.[/yellow]")
+                        console.print("[dim]Server may need updating.[/dim]")
+                    else:
+                        console.print(f"[red]WebSocket error: {e}[/red]")
+                except Exception as e:
+                    console.print(f"[red]Streaming error: {e}[/red]")
+
+            try:
+                asyncio.run(stream_logs())
+            except KeyboardInterrupt:
+                console.print("\n[dim]Stopped.[/dim]")
+
+    except httpx.ConnectError:
+        console.print(f"[bold red]Error:[/bold red] Could not connect to {server}")
+        console.print("[dim]Is the logtap server running? Start it with 'logtap serve'[/dim]")
+        raise typer.Exit(1)
+    except Exception as e:
+        console.print(f"[bold red]Error:[/bold red] {e}")
+        raise typer.Exit(1)

logtap/cli/main.py

@@ -0,0 +1,50 @@
+"""Main CLI application for logtap."""
+
+import typer
+
+from logtap import __version__
+from logtap.cli.commands import files, query, serve, tail
+
+app = typer.Typer(
+    name="logtap",
+    help="A CLI-first log access tool for Unix systems. Remote log file access without SSH.",
+    rich_markup_mode="rich",
+    no_args_is_help=True,
+)
+
+
+def version_callback(value: bool) -> None:
+    """Print version and exit."""
+    if value:
+        typer.echo(f"logtap {__version__}")
+        raise typer.Exit()
+
+
+@app.callback()
+def main(
+    version: bool = typer.Option(
+        None,
+        "--version",
+        "-v",
+        help="Show version and exit.",
+        callback=version_callback,
+        is_eager=True,
+    ),
+) -> None:
+    """
+    logtap - Remote log file access without SSH.
+
+    Start a server with 'logtap serve' or query a remote server with 'logtap query'.
+    """
+    pass
+
+
+# Add commands
+app.command()(serve.serve)
+app.command()(query.query)
+app.command()(tail.tail)
+app.command()(files.files)
+
+
+if __name__ == "__main__":
+    app()

logtap/core/__init__.py

@@ -0,0 +1,16 @@
+"""Core business logic for logtap."""
+
+from logtap.core.reader import get_file_lines, get_file_lines_async, tail, tail_async
+from logtap.core.search import filter_lines
+from logtap.core.validation import is_filename_valid, is_limit_valid, is_search_term_valid
+
+__all__ = [
+    "tail",
+    "tail_async",
+    "get_file_lines",
+    "get_file_lines_async",
+    "is_filename_valid",
+    "is_search_term_valid",
+    "is_limit_valid",
+    "filter_lines",
+]

logtap/core/parsers/__init__.py

@@ -0,0 +1,20 @@
+"""Log format parsers for logtap."""
+
+from logtap.core.parsers.apache import ApacheParser
+from logtap.core.parsers.auto import AutoParser, detect_format
+from logtap.core.parsers.base import LogLevel, LogParser, ParsedLogEntry
+from logtap.core.parsers.json_parser import JsonLogParser
+from logtap.core.parsers.nginx import NginxParser
+from logtap.core.parsers.syslog import SyslogParser
+
+__all__ = [
+    "LogParser",
+    "ParsedLogEntry",
+    "LogLevel",
+    "SyslogParser",
+    "JsonLogParser",
+    "NginxParser",
+    "ApacheParser",
+    "AutoParser",
+    "detect_format",
+]

logtap/core/parsers/apache.py

@@ -0,0 +1,165 @@
+"""Apache access log parser."""
+
+import re
+from datetime import datetime
+from typing import Optional
+
+from logtap.core.parsers.base import LogLevel, LogParser, ParsedLogEntry
+
+
+class ApacheParser(LogParser):
+    """
+    Parser for Apache access log format.
+
+    Common combined format:
+    %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
+
+    Example:
+    192.168.1.1 - frank [08/Jan/2024:10:23:45 -0500] "GET / HTTP/1.0" 200 1234
+    """
+
+    # Combined log format pattern (same as nginx essentially)
+    PATTERN = re.compile(
+        r"^(\S+)\s+"  # Remote host
+        r"(\S+)\s+"  # Identity
+        r"(\S+)\s+"  # Remote user
+        r"\[([^\]]+)\]\s+"  # Time
+        r'"([^"]*)"\s+'  # Request
+        r"(\d{3})\s+"  # Status
+        r"(\d+|-)\s*"  # Bytes
+        r'(?:"([^"]*)"\s*)?'  # Referer
+        r'(?:"([^"]*)")?'  # User agent
+    )
+
+    # Error log pattern
+    ERROR_PATTERN = re.compile(
+        r"^\[([^\]]+)\]\s+"  # Timestamp
+        r"\[(\w+)\]\s+"  # Level
+        r"(?:\[pid\s+(\d+)\]\s+)?"  # PID (optional)
+        r"(?:\[client\s+([^\]]+)\]\s+)?"  # Client (optional)
+        r"(.*)$"  # Message
+    )
+
+    @property
+    def name(self) -> str:
+        return "apache"
+
+    def can_parse(self, line: str) -> bool:
+        """Check if line matches apache format."""
+        return bool(self.PATTERN.match(line) or self.ERROR_PATTERN.match(line))
+
+    def parse(self, line: str) -> ParsedLogEntry:
+        """Parse an apache log line."""
+        # Try access log format first
+        match = self.PATTERN.match(line)
+        if match:
+            return self._parse_access_log(line, match)
+
+        # Try error log format
+        match = self.ERROR_PATTERN.match(line)
+        if match:
+            return self._parse_error_log(line, match)
+
+        return ParsedLogEntry(
+            raw=line,
+            message=line,
+            level=self._detect_level_from_content(line),
+        )
+
+    def _parse_access_log(self, line: str, match: re.Match) -> ParsedLogEntry:
+        """Parse apache access log line."""
+        groups = match.groups()
+        remote_host = groups[0]
+        remote_user = groups[2] if groups[2] != "-" else None
+        time_str = groups[3]
+        request = groups[4]
+        status = int(groups[5])
+        bytes_sent = int(groups[6]) if groups[6] != "-" else 0
+        referer = groups[7] if len(groups) > 7 and groups[7] != "-" else None
+        user_agent = groups[8] if len(groups) > 8 else None
+
+        timestamp = self._parse_apache_time(time_str)
+        level = self._status_to_level(status)
+
+        request_parts = request.split() if request else []
+        method = request_parts[0] if len(request_parts) > 0 else None
+        path = request_parts[1] if len(request_parts) > 1 else None
+
+        return ParsedLogEntry(
+            raw=line,
+            message=f"{method} {path} -> {status}" if method and path else request,
+            timestamp=timestamp,
+            level=level,
+            source=remote_host,
+            metadata={
+                "remote_host": remote_host,
+                "remote_user": remote_user,
+                "request": request,
+                "method": method,
+                "path": path,
+                "status": status,
+                "bytes_sent": bytes_sent,
+                "referer": referer,
+                "user_agent": user_agent,
+                "log_type": "access",
+            },
+        )
+
+    def _parse_error_log(self, line: str, match: re.Match) -> ParsedLogEntry:
+        """Parse apache error log line."""
+        groups = match.groups()
+        time_str = groups[0]
+        level_str = groups[1]
+        pid = groups[2]
+        client = groups[3]
+        message = groups[4]
+
+        timestamp = self._parse_error_time(time_str)
+        level = LogLevel.from_string(level_str) or self._detect_level_from_content(message)
+
+        return ParsedLogEntry(
+            raw=line,
+            message=message,
+            timestamp=timestamp,
+            level=level,
+            source=client,
+            metadata={
+                "pid": pid,
+                "client": client,
+                "log_type": "error",
+            },
+        )
+
+    def _parse_apache_time(self, time_str: str) -> Optional[datetime]:
+        """Parse apache time format: 08/Jan/2024:10:23:45 -0500"""
+        try:
+            time_str = time_str.split()[0] if " " in time_str else time_str
+            return datetime.strptime(time_str, "%d/%b/%Y:%H:%M:%S")
+        except ValueError:
+            return None
+
+    def _parse_error_time(self, time_str: str) -> Optional[datetime]:
+        """Parse apache error log time format."""
+        formats = [
+            "%a %b %d %H:%M:%S.%f %Y",
+            "%a %b %d %H:%M:%S %Y",
+            "%Y-%m-%d %H:%M:%S.%f",
+            "%Y-%m-%d %H:%M:%S",
+        ]
+        for fmt in formats:
+            try:
+                return datetime.strptime(time_str, fmt)
+            except ValueError:
+                continue
+        return None
+
+    def _status_to_level(self, status: int) -> LogLevel:
+        """Convert HTTP status code to log level."""
+        if status >= 500:
+            return LogLevel.ERROR
+        elif status >= 400:
+            return LogLevel.WARNING
+        elif status >= 300:
+            return LogLevel.NOTICE
+        else:
+            return LogLevel.INFO

logtap/core/parsers/auto.py

@@ -0,0 +1,118 @@
+"""Auto-detection and parsing of log formats."""
+
+from typing import List, Optional, Type
+
+from logtap.core.parsers.apache import ApacheParser
+from logtap.core.parsers.base import LogParser, ParsedLogEntry
+from logtap.core.parsers.json_parser import JsonLogParser
+from logtap.core.parsers.nginx import NginxParser
+from logtap.core.parsers.syslog import SyslogParser
+
+# Parser priority order (more specific formats first)
+PARSERS: List[Type[LogParser]] = [
+    JsonLogParser,  # JSON is very specific
+    NginxParser,  # Nginx before Apache (almost identical)
+    ApacheParser,
+    SyslogParser,  # Syslog is more generic, try last
+]
+
+
+def detect_format(lines: List[str], sample_size: int = 10) -> Optional[LogParser]:
+    """
+    Detect the log format by sampling lines.
+
+    Args:
+        lines: List of log lines to analyze.
+        sample_size: Number of lines to sample for detection.
+
+    Returns:
+        A LogParser instance that can handle the format, or None.
+    """
+    if not lines:
+        return None
+
+    # Sample lines from the input
+    sample = lines[:sample_size]
+
+    # Try each parser and count successes
+    parser_scores = {}
+
+    for parser_cls in PARSERS:
+        parser = parser_cls()
+        matches = sum(1 for line in sample if line.strip() and parser.can_parse(line))
+        if matches > 0:
+            parser_scores[parser_cls] = matches / len([line for line in sample if line.strip()])
+
+    if not parser_scores:
+        return None
+
+    # Return parser with highest match rate
+    best_parser_cls = max(parser_scores, key=parser_scores.get)
+    return best_parser_cls()
+
+
+class AutoParser(LogParser):
+    """
+    Parser that auto-detects the log format.
+
+    On first parse, it samples lines to detect the format,
+    then uses the appropriate parser for subsequent lines.
+    """
+
+    def __init__(self):
+        self._detected_parser: Optional[LogParser] = None
+        self._parsers = [cls() for cls in PARSERS]
+
+    @property
+    def name(self) -> str:
+        if self._detected_parser:
+            return f"auto:{self._detected_parser.name}"
+        return "auto"
+
+    def can_parse(self, line: str) -> bool:
+        """Auto parser can attempt to parse any line."""
+        return True
+
+    def parse(self, line: str) -> ParsedLogEntry:
+        """Parse a line, auto-detecting format if needed."""
+        line = line.strip()
+
+        if not line:
+            return ParsedLogEntry(raw=line, message=line)
+
+        # If we've detected a format, use it
+        if self._detected_parser and self._detected_parser.can_parse(line):
+            return self._detected_parser.parse(line)
+
+        # Try each parser in order
+        for parser in self._parsers:
+            if parser.can_parse(line):
+                self._detected_parser = parser
+                return parser.parse(line)
+
+        # Fallback: return unparsed entry
+        return ParsedLogEntry(
+            raw=line,
+            message=line,
+            level=self._detect_level_from_content(line),
+        )
+
+    def parse_many(self, lines: List[str]) -> List[ParsedLogEntry]:
+        """
+        Parse multiple lines with format detection.
+
+        Uses the first few lines to detect format, then applies
+        consistently to all lines.
+        """
+        if not lines:
+            return []
+
+        # Detect format from sample
+        self._detected_parser = detect_format(lines)
+
+        # Parse all lines
+        return [self.parse(line) for line in lines]
+
+    def reset(self):
+        """Reset format detection."""
+        self._detected_parser = None