tchivert/topip
1
Fork 0
Code Actions Packages Releases 4 Activity
Files
v1.3
topip/README.md
tchivert ce8966026c
build / build (push) Successful in 51s
Details
fix binary path and update readme
2025-05-21 00:23:00 +02:00

2.6 KiB
Raw Permalink Blame History

topip - simple terminal haproxy log analyzer

It's meant to give you a quick overview of your haproxy logs, like:

  • What ips are making the most connections?
  • What vhost consumes the most bandwidth?
  • Which files are most downloaded?
  • Is there any bot that abuses your webserver?

Installation

Binaries

topip has prebuilt binaries for Linux and macOS on amd64 and arm64.

You can install it easily by using these commands:

wget https://git.rznet.fr/tchivert/topip/releases/download/latest/topip-<os>-<arch> -O /usr/local/bin/topip
chmod +x /usr/local/bin/topip

Exemple for an amd64 linux machine:

wget https://git.rznet.fr/tchivert/topip/releases/download/latest/topip-linux-amd64 -O /usr/local/bin/topip
chmod +x /usr/local/bin/topip

Debian-based distributions

You can install topip with a deb package from my repository:

sudo curl https://dl.rznet.fr/api/packages/tchivert/debian/repository.key -o /etc/apt/keyrings/rznet-tchivert.asc
echo "deb [signed-by=/etc/apt/keyrings/rznet-tchivert.asc] https://dl.rznet.fr/api/packages/tchivert/debian stable main" | sudo tee -a /etc/apt/sources.list.d/rznet.list
sudo apt update

sudo apt install topip

Or by downloading directly the latest .deb:

wget https://git.rznet.fr/tchivert/topip/releases/download/latest/topip-amd64.deb
sudo dpkg -i topip_1.2-1_amd64.deb

Usage

Usage: topip [-f logfile] [-t conn|bytes] [-n num] [-p pattern] [-i all|ip|vhost|request] [-d]
  -d	Enable debug mode
  -f string
    	Path to the HAProxy log file (use - for stdin) (default "/var/log/haproxy/haproxy.log")
  -i string
    	Information to display (all, ip, vhost, req) (default "all")
  -n int
    	Number of IP addresses and vhosts to display (default 20)
  -p string
    	Filter by request pattern
  -t string
    	Sort by connections or bytes sent (conn or bytes) (default "conn")

Recommended haproxy log-format:
  log-format "%ci %b/%s %ST %B %Tt %sq/%bq %{+Q}r %hr %hs"

topgeoip

In addition, topgeoip can be used to quickly get basic geo information about the top IPs (country, asn and hit count of top ips).

It's simple and doesn't need a particular log format, you just need up to date maxmind geoip databases (see geoipupdate) to produce the geo information. Otherwise it will just show the hit count of top ips.

License

This project is licensed under the MIT License. See the LICENSE file for more information.

View Git Blame Copy Permalink