Author: jzurfluh

Finally found the real time monitoring I was looking for…

brew install logstalgia

Beautiful pong-styled view of access log in realtime when called as follows:

tail -f /usr/local/var/log/httpd/access_log | logstalgia --sync 

Ends up as a screen like this with pong balls that are the requests from the access log showing the files being accessed by category. Brilliant!!

Further, with a sequence of commands, you can push the monitor into the background and exit terminal as follows:

$ tail -f /usr/local/var/log/httpd/access_log | logstalgia --sync &
$ disown
$ exit

This leaves logstalgia running in a window that you can place on a desktop for easy access and monitoring. Before disown, you can run “jobs” command to see the process before disown-ing it. After, it is now missing from “jobs” list.

New add – would love sound with this.

Cool tool!

Added two modules to my LAMP server.

First is goaccess

$brew install goaccess

Log parsing for apache monitoring. all the right statistics derived from the main httpd log:

/usr/local/var/log/httpd/access_log

Startup this way with the important log format tag:

$goaccess /usr/local/var/log/httpd/access_log --log-format=COMMON

Second tool – very much like Activity monitor, but in terminal – GLANCES

$brew install glances

Then it is simple startup via:

$glances

Running in different shells makes for informative set of information screens.

Important for restricting access:

https://httpd.apache.org/docs/2.4/howto/access.html

Added conf file to the extra folder: block-offending-ips.conf

Here:

/usr/local/etc/httpd/extra

Code to add to file:

<LocationMatch "/.*">
<RequireAll>
Require all granted
Require not ip 39.94.137.167
#Repeat the "Require not ip ..." for each IP you want to block
</RequireAll>
</LocationMatch>

The linked to httpd.conf with:

Include /usr/local/etc/httpd/extra/block-offending-ips.conf

Other methods are available for limiting access including hosts and domains. But, I was seeing some hacking attempts and want a method to block IP addresses that are appearing in the tail commands:

tail -n 200 -f /usr/local/var/log/httpd/access_log
tail -n 200 -f /usr/local/var/log/httpd/error_log

I feel like I can control things more effectively now. Wish there were a simple tool to add IP addresses rather than editing this file. Would make life easier.

Not so fast. I can get it up and running, but WordPress is vexed by it, so back to 7.4. It only got released today, so no harm

But, I’m noticing interesting anomalies on how to make sure we have things running right and it centers around su vs. regular user on brew services. Me thinks I have a problem. Not sure yet, since it is working. But, need to check why I have an error in services list on regular use, versus sudo use.

Will check back on this.