Hi guys.
I'd like to request a module that maybe helps opers to act more effectively.
This module only works if logging is enabled and logfiles exist. Many opers, I guess aren't able to be online 14/7 so although they maybe have -logchan enabled they can't access the whole logfiles without logging into the shell or download the logfile.
So I'd like to have a module that has search and/or parse - functions to get certain Information from the logfiles by operserv.
IT should be restricted to services root or maybe certein users specified in the special config.
Example:
You haven't been in your ircd from May 15 02:00:00 2008 until 08:00:00 . THere is a user called "weebo12", that tells you that he could not login from May 15 03:01:00 until 04:04:03. You are a very helpful admin and you want to know and tell the user why. Th usual way is: you log into the shell and cat | grep the logfile trying to see any strange things, maybe you also cut off usual notices (lines that contain "NickServ" ones or "LOGUSERS") so you have a filtered one to see what happened.
So what about a module that makes it possible inside the ircd, so you don't need the shell?
what about something like:
/msg operserv readlog [YYYYMMDD:hh:mm:ss(-YYYYMMDD:hh:mm:ss)/last x(D,h,m)/all] [ONLY/WITHOUT/all] [String/regexp (AND|OR)]
To be more detailed:
- "/os readlog" should be clear
- the first option makes it possible to filter out the "output" only from a certain time, a timeframe or a relative value, eg last 4hours (last 4h), all time or if you don't specify that option it uses a standard-value set in the config (but I'd recommend to force the use of that option)
- the second option lets you specify if you want in the output only that lines that match the values given in the 3rd option or if you want to exclude that loglines given in the 3rd option. if you specify "all" you don't need to give a 3rd option because you see everything given in the timeframe you specified in option 1
- the third option allows you to set the filters that should be shown/excluded. If you are aware you can use regular expressions (maybe this is harder to code, I don't know). Maybe you can add more than one expression
Like in our example you have a presumption that the users sessionlimit was exceeded so you type:
/os readlog 20080515:03::-20080515:04:10: ONLY weebo OR session
This will response all lines in the logfile that match the strings weebo or session in the time the user told. I used OR because maybe the user maybe had another nick on connection.
Now you can tell the user, that he had exceeded his session limit, because there was someone online that used the same ip.
Maybe its a bit "harmful" to your machines memory but doing this in the shell would be the same I guess.
What do you think about it? Would someone try to code it? I'm not a programmr but I'm able to assist you whereever I'm able to do so.
Thanks for reading.
Greets.
[Bearbeitet am 16-5-2008 von SNU]