asql is a simple console shell which allows you to run SQL queries against an Apache logfile, something that can be very useful – especially at getting information which is not easily available via static logfile analysers.
When asql starts up it creates a temporary SQLite database to hold the contents of the parsed logfile(s) you might load. This temporary database may then be queried directly via SQL.
Install asql on Debian 8
Open the terminal and run the following command
sudo apt-get install asql
Using aSql
Once installed, either via the package or via the source download, please start the shell by typing “asql”.
Once the shell starts you have several commands available to you, enter help for a complete list. The three most commonly used commands would be:
load
This will load an Apache logfile into the temporary database which is created at startup. Single files, or globs are accepted so you may run something like this:
load /var/log/apache2/acces*
To save time parsing the input files more than once you may saving the resulting database with save and later restore it.
select
This allows you to run an actual query.
show
This shows the table structure the logfile was parsed into.
aSql Examples
The following sample session provides a demonstration of typical usage of the shell, it demonstrates the use of the alias command which may be used to create persistent aliases:
asql v0.6 – type ‘help’ for help.
asql> load /home/skx/hg/engaging/logs/access.log
Loading: /home/skx/hg/engaging/logs/access.log
sasql> select COUNT(id) FROM logs
46
asql> alias hits SELECT COUNT(id) FROM logs
ALIAS hits SELECT COUNT(id) FROM logs
asql> alias ips SELECT DISTINCT(source) FROM logs;
ALIAS ips SELECT DISTINCT(source) FROM logs;
asql> hits
46
asql> alias
ALIAS hits SELECT COUNT(id) FROM logs
ALIAS ips SELECT DISTINCT(source) FROM logs;