yaala - CHANGELOG =================== http://yaala.org/ 0.8.0 - Contributed Sendmail-parser ===================================== - qMax has contributed a sendmail-parser. Thank you very much :) 0.7.3 - More bugs fixed ========================= - A bug in the debug-system has been fixed: Data::Dumper would not be loaded, though it might be neccessary in the selected debug-level. - A bug with the disabling of persistency has been fixed. Thanks to qMax. 0.7.2 - Potential bug fixed ============================= - The modules have been moved and rename, since a conflict with other installed modules could appear in old versions of perl (<= 5.005). 0.7.1 - Bug fixed =================== - A bug in the persistency-code has been fixed: If the persistency-file had to be created no checksum was included causing it to be overwritten with the next run. The second run did set the checksum which is propably why noone complained about this.. 0.7.0 - Persistent data is here ================================= - yaala now dumps it's data into a file and may use it in subsequent runs. This way you don't have to keep all your old logfiles. - A tiny fix allows yaala to run under Microsoft Windows. 0.6.8 - Workaround implemented ================================ - A workaround for what seems to be a bug in some versions of Perl 5.8 has been added. 0.6.7 - Some more cosmetics ============================= - yaala now changes into it's own directory before execution. This is useful for cron-scripts and the like. - The config option ``print-graphs'' has been added for two reasons: a) People who have GD::Graph installed can prevent yaala from generating graphs now. b) People who do neither have GD::Graph installed nor read the readme will hopefully find this option and will get a detailed error message. 0.6.6 - Bug fixed =================== - A bug which would not let ``host_width'' to be set to zero (infinite length) has been fixed. Thanks to Rafael Santiago for reporting it. 0.6.5 - More aggregations =========================== - More than one aggregation can be selected. This works with both, the Combined and the Classic output module. - Elapsed time (from the squid logfiles) is now being printed in hh:mm:ss.f format. - The y-Axis of graphs is plotted in percent of the total now. 0.6.4 - Don't die on me, man! =============================== - yaala doesn't die anymore, if you select more than three fields with the combined output module. An error message is printed instead. - Empty cells are not printed any longer by default when using the Classic output. You can re-enable this behavior with a config-option. 0.6.3 - ... ============= - Chimera has been renamed to Camino; MultiZilla and Safari have been added. - The sub-indizes in the Classic output now provide a bit more information.. - A robots-metatag has been added to prevent search engines from indexing yaala's reports. 0.6.2 - New/Old parser and bugfixes ===================================== - The (old) bind9 parser has been fixed and works fine. - A parser for the "xferlog" (used by wu-ftpd, proftpd and maybe other FTP-Daemons). - Selections with where-clauses should work better now. 0.6.1 - The return of the graphs ================================== - Support for GD::Graph is finally back again. yaala checks wether GD::Graph is installed or not and behaves accordingly. You don't have to do anything. - All tables now print percentages as well. - A parser for postfix entries in the maillog has been added. - A bug in Data::Setup has been fixed. It wasn't possible to select more than three keys with the Classic output module, which is perfectly legal.. 0.6.0 - New code, less bugs, less features ============================================ - Huge parts of yaala's internals have been rewritten. The data-storage is completely new and works better than in the 0.5.x line. - General code cleanup. A lot of variables have been renamed. - The debug-system has been unified. - The Classic-output plugin emulates the ``old'' (0.4.x) output. 0.5.4 - Patches by qMax ========================= - Input Module for method file:// has been added. - Fixes in Format.pm - Changes in qmax.css 0.5.3 - Reverse lookups ========================= - Ability of reverse lookups has been added. - Browsers and OSes are recognized better. The code should also be faster now. 0.5.2 - Now comes the command line ==================================== - Every option from the config file has been made available from the command line. - The recognition of Windows 2000 has been fixed. 0.5.1 - Changes in config-reading and -parsing ================================================ - config-reading and -parsing have been moved out of the main program and into lib/Config.pm. Modules have been updated. - The config syntax has changed slightly. See POD in lib/Config.pm - webserver.config has been created. - A bug in lib/parser/Ncsa.pm has been fixed. - WebserverTools::detect_referer has been rewritten. 0.5.0 - yaala in the metamorphosis ==================================== Changes by octo ----------------- - Modules use the Exporter mechanismn now to import subroutines and variables. Renamed modules in the process. - Output is nearly XHTML kompliant. I'm working towards total XHTML 1.1 compatibility. - Added logo.png, dot-dark.png, dot-light.png - Removed logo.gif, dot0.gif, dit1.gif - Added new stylesheet and set as default. The old stylesheet has been renamed to "qmax.css" - Graphics cannot be generated with this release. This option might come back in some later release. - Recognition of nimbda/codered attacks has been removed. - few obvious bugs found but not yet fixed. See TODO. Changes by qMax ----------------- * yaala Added new config options, removed old for backward incompatibility; Changed some defaults; Removed 'color' options - and defined them in html/style.css; Made preserving spaces, semicolons and capital letters in quoted config parameters (for date/time formats and filenames); Added 'is_list' options to preserve order of parameter appearence (for 'select' directive). Added 'configtest' run mode to test configuration. Added some debugging. Wrote dependences for all my modules in top comment. * config Changed to use new options, added sections HTML and i18n. User level comments about new options. Fixed some typos, have made new :) * README.grouping Description of grouping expressions used in 'select' directive. * contrib/ Several supplemental scripts. Like that, simulating passing comand line parameters to yaala, processing batch reports, ome testing. * html/ Contains *.gif and style.css - a thin cyan document style. * reports/ Default directory for reports. I suggest to do not use html to avoid occasional remove of *.gifs and style.css. Actually, 'reports' should be symlink to some www directory. * lib/ Placed all (new) modules here. * /dev/null Placed all old modules there. * lib/parser/* Directory for parser modules. TODO: parsers should pass month/date/time as UNIX-time to make them properly sorted and formated. Currently they should work w/out i18n handling dates and times. * lib/html.pm A pair of common output utilities. Only to generate common HTML head and foot. Common header contains stylesheet link and optional META http-equiv with charset. Footer contains copyright notice and advertisements. Top-page index is report-dependant. * lib/utils.pm Some common utilities kinda cmp_arrays. * lib/setup.pm Setup-parsing utilities. To keep them all in single place. Includes index calculator for grouping expressions and all that stuff. * lib/debug.pm A pair of debugging and profiling utils. Enabled with $main::debug|=32; * lib/data.pm Data storage module. Supports random key grouping, several functions: SUM, MAX, MIN, AVG, COUNT(*), COUNT(field). Allows association of function with separate index. Incapsulates all access to data hash. * lib/i18n/format.pm Localized data formatting. Formats date, time, datetime, bignumbers, elapsed time, properly sorts host and domain names. POD documented to use. * lib/i18n/trans.pm Enhanced translating module. POD documented. There also dictionary description in en.pm. * lib/i18n/en.pm English template dictionary. Contains all messages from reports, data labels from all parsers and labels of extra info. Used to translate internal data labels to printable titles. There're translation suggestions in comments inside. * lib/i18n/ru.pm Russian translation with several variations of words. Makes reports to look as they were natively russian and natively for selected configuration. Really. * lib/report/core.pm Common part for report modules. Namespaced. Contains setup and table-generation subroutines. Features for crossreferenced tables. POD documented inside. NB: all tables generated, except top-page index, contain borders to be viewable in links the browser. Lynx takes a rest anyway. * lib/report/combined.pm Generates combined reports: 1D, 2D, 3Dimentional. POD inside. * lib/report/top.pm Generates usual top-N report, but with key grouping. POD inside. 0.4.2 - Added BIND9 support ============================= - David Augros sent me a parser for BIND9 logfiles which I added.. Easy tasks get done quick ;) 0.4.1 - security hole fixed ============================= - An exploidable "bug" was fixed: It was possible to fake the referer to contain HTML and/or JavaScript code which would show up in the generated file(s) and eventually would be interpreted by the browser. Thanks to Liviu Daia (Liviu.Daia@imar.ro) for the hint :) 0.4 - netacct and wnserver support ==================================== - Two new parsers provide netacct and wnserver support. Thanks to M. Feenstra for the wnserver support. - The parser modules now have to initialize their data structure before they start parsing. This allows for different types of logfiles to be supported. The data-structures understood are: count: Count each appearance of a unique value (eg. Browser, Date, etc) sum: Build the sum of all the (numeric) values. (eg. Package Count) byte: Basically the same as sum, but print as a byte-value - Use of CSS (Cascading Style Sheets) in the HTML output. Results are smaller files and the source is easier to read. - You can specify a directory to create the output files in. Be sure to copy logo.gif, dot0.gif and dot1.gif into this directory! 0.3 - Clean(er) code and squid support ======================================== - The modules are now a lot cleaner and easier to understand. Various routines have been moved and renamed so the namespaces are used in a more organizing maner. - There's a new input (parse) module for squid logfiles. - The routines which save the data in a huge hash have been altered so they don't depend on the type of data that is parsed at all. This was neccessary in order go get squid to work. - The graph module now generates PNG graphics; it's configuration hash was moved into the main configuration. - The main page has some stats about CodeRed and and Nimba attacks now. You may choose to not include these requests in your stats.. - Correction of some regexps and therefore (hopefully) a better performance. 0.2 - More modules - more comfort =================================== - The structure is now _very_ modular - A config file makes customization really easy - Apache's access-logs and NCSA-conform logfiles now understood - Another module provides another look (Top10) - CHANGELOG looks nicer ;) - Some changes in the makegraph.pm make the graphs look a lot better now. 0.1 - Initial version ======================= - No config-file - Parsing of multiple files - Support for apache's combined-log-format - Modular structure provides an easy way to code support for other formats.