

Clarity - an open source web interface to grep and tail  - xal
http://blog.leetsoft.com/2009/12/6/clarity-in-log-files

======
tptacek
It's MIT-licensed, which is great. I don't so much need a web interface to
grep on my own servers, but would very much like to embed something like this
into my product.

I can imagine it would be extremely useful to an ops team; my whole life is
driven off my browser bookmark bar, and this presumably lets people bookmark
server logs.

Under the hood, this is single-threaded EventMachine, using
EventMachine::popen to relay output from processes to the client, and HTTP
chunked encoding to push results to the browser. It's HTTP Basic Auth only,
and it runs Actual Unix Commands, so make that password good.

Nicely done!

~~~
xal
Yea that's a good point. You really don't want to have someone else access
your clarity installation. This takes URL parameters and runs them on the
command line. Probably the most insecure thing invented by man. Hide it will.

~~~
tptacek
No, the most insecure things invented by people take URL parameters from
_unauthenticated_ requests and run them on the command line.

I didn't audit the code or anything, but all the request processing is gated
by a function that requires HTTP basic-auth, which is at least hard to screw
up. To accidentally add a function that bypasses auth, they'd have to write an
entire new request handler chain.

That said, I noticed the same thing (popen), and if I was going to integrate
this with our product, I'd hardcode the command line.

------
redronin7
This is a great open source tool. Very useful.

------
mndmatt
Very creative and useful!

------
ticktock
any idea how to port this line of code to work on a MS Windows ruby platform?

    
    
        %[sh -c '#{results.join(" | ")}']
    

~ I've tried a few things but keep getting this: Running: sh -c 'grep -e hello
access.log'

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.

~~~
ticktock
Actually that error is being thrown when the shell command hits
EventMachine::popen

hmm...

