sevi-kun/proxy-to-logbull
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2 Commits 2 Branches 0 Tags
6cfea15b9e9f79176c5a369432148c93429318a6
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
sevi-kun 6cfea15b9e vibed
2026-03-02 23:21:47 +01:00
.gitignore
init
2026-03-02 23:11:45 +01:00
.python-version
init
2026-03-02 23:11:45 +01:00
config.yaml
vibed
2026-03-02 23:21:47 +01:00
main.py
vibed
2026-03-02 23:21:47 +01:00
proxy-to-logbull.service
vibed
2026-03-02 23:21:47 +01:00
pyproject.toml
vibed
2026-03-02 23:21:47 +01:00
README.md
init
2026-03-02 23:11:45 +01:00
test_sample.py
vibed
2026-03-02 23:21:47 +01:00
uv.lock
vibed
2026-03-02 23:21:47 +01:00

README.md

nginx & naxsi to logbull

This python project parses the logs from nginx and naxsi and sends them to logbull. To do this it uses the logbull api and follows the nginx combined log format.

logbull sample

import time
from logbull import LogBullLogger

# Initialize logger
logger = LogBullLogger(
    host="http://192.168.0.252:4005",
    project_id="778e67d7-5ec6-4c48-b199-cfbded605557",
)

# Log messages (printed to console AND sent to LogBull)
logger.info("User logged in successfully", fields={
    "user_id": "12345",
    "username": "john_doe",
    "ip": "192.168.1.100"
})

# With context
session_logger = logger.with_context({
    "session_id": "sess_abc123",
    "user_id": "user_456"
})

session_logger.info("Processing request", fields={
    "action": "purchase"
})

# We need to wait a bit in short-living scripts when logs
# received by Log Bull. This is not needed in production
logger.flush()
time.sleep(3)

Sample logs

root@ov-9180d2:~# tail /var/log/nginx/access.log
45.153.34.68 - - [02/Mar/2026:21:22:38 +0000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0"
45.153.34.68 - - [02/Mar/2026:21:22:38 +0000] "POST / HTTP/1.1" 444 0 "-" "Mozilla/5.0"
176.65.134.20 - - [02/Mar/2026:21:30:25 +0000] "PROPFIND / HTTP/1.1" 444 0 "http://89.47.50.242:443/" "-"
176.65.149.233 - - [02/Mar/2026:21:34:35 +0000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/1.0"
176.65.148.66 - - [02/Mar/2026:21:41:20 +0000] "HEAD / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org  )"
20.64.104.237 - - [02/Mar/2026:21:48:03 +0000] "GET /login HTTP/1.1" 444 0 "-" "Mozilla/5.0 zgrab/0.x"
79.124.40.174 - - [02/Mar/2026:21:53:05 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
142.248.80.187 - - [02/Mar/2026:22:00:17 +0000] "GET / HTTP/1.0" 444 0 "-" "Shodan-Pull/1.0"
80.66.83.43 - - [02/Mar/2026:22:05:39 +0000] "\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" 400 0 "-" "-"
45.194.92.25 - - [02/Mar/2026:22:08:40 +0000] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
root@ov-9180d2:~# tail /var/log/nginx/access/jellyfin_nussnougate_net_access.log
185.71.113.95 - - [02/Mar/2026:04:11:43 +0000] "GET /favicon.ico HTTP/1.1" 503 4508 "-" "Mozilla/5.0 (iPad; CPU OS 18_1_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Brave/1 Mobile/15E148 Safari/604.1"
185.71.113.95 - - [02/Mar/2026:04:11:48 +0000] "GET /System/Info/Public HTTP/1.1" 503 73 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Brave/1 Version/18.1.1 Safari/605.1.15"
185.71.113.95 - - [02/Mar/2026:04:11:48 +0000] "GET /System/Info/Public HTTP/1.1" 503 68 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Brave/1 Version/18.1.1 Safari/605.1.15"
185.71.113.95 - - [02/Mar/2026:04:11:48 +0000] "GET /System/Info/Public HTTP/1.1" 503 73 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Brave/1 Version/18.1.1 Safari/605.1.15"
185.71.113.95 - - [02/Mar/2026:04:11:50 +0000] "POST /Sessions/Playing/Progress HTTP/1.1" 503 68 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36"
185.71.113.95 - - [02/Mar/2026:05:08:10 +0000] "GET /socket?api_key=a77d7b7b02f4486587562dbf0bc88ed6&deviceId=TW96aWxsYS81LjAgKE1hY2ludG9zaDsgSW50ZWwgTWFjIE9TIFggMTBfMTVfNykgQXBwbGVXZWJLaXQvNjA1LjEuMTUgKEtIVE1MLCBsaWtlIEdlY2tvKSBCcmF2ZS8xIFZlcnNpb24vMTguMS4xIFNhZmFyaS82MDUuMS4xNXwxNzcyMTYzNjIxNDk1 HTTP/1.1" 101 35233 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Brave/1 Version/18.1.1 Safari/605.1.15"
71.6.134.232 - - [02/Mar/2026:07:20:00 +0000] "GET /touchicon.f5bbb798cb2c65908633.png HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
192.253.248.11 - - [02/Mar/2026:14:13:56 +0000] "GET / HTTP/1.1" 403 398 "http://jellyfin.nussnougate.net//.git/HEAD" "Go-http-client/1.1"
62.12.134.6 - - [02/Mar/2026:17:28:27 +0000] "GET /socket?api_key=f6485020938e4243b5ccbf62db6d5743&deviceId=TW96aWxsYS81LjAgKFgxMTsgTGludXggeDg2XzY0OyBydjoxNDYuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xNDYuMHwxNzY2MTA2ODM1NzQz HTTP/1.1" 101 4171 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:148.0) Gecko/20100101 Firefox/148.0"
185.19.123.118 - - [02/Mar/2026:17:55:11 +0000] "GET /socket?api_key=1f19a111fdbe41d28ebbcd7f659a32c8&deviceId=TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyOS4wLjAuMCBTYWZhcmkvNTM3LjM2fDE3Mjg2NzE5MjAxMTI1 HTTP/1.1" 101 5521 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36"
root@ov-9180d2:~# tail /var/log/nginx/error/jellyfin_nussnougate_net_error.log
2026/03/02 04:11:13 [error] 1083281#1083281: *3381930 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "POST /Sessions/Playing/Progress HTTP/1.1", upstream: "http://192.168.100.101:8096/Sessions/Playing/Progress", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:21 [error] 1083281#1083281: *3383437 connect() failed (113: No route to host) while connecting to upstream, client: 185.143.100.163, server: jellyfin.nussnougate.net, request: "GET / HTTP/1.1", upstream: "http://192.168.100.101:8096/", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:21 [error] 1083281#1083281: *3381108 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "POST /Sessions/Playing/Progress HTTP/1.1", upstream: "http://192.168.100.101:8096/Sessions/Playing/Progress", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:21 [error] 1083281#1083281: *3381930 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "POST /Sessions/Playing/Progress HTTP/1.1", upstream: "http://192.168.100.101:8096/Sessions/Playing/Progress", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:33 [error] 1083281#1083281: *3381108 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "POST /Sessions/Playing/Progress HTTP/1.1", upstream: "http://192.168.100.101:8096/Sessions/Playing/Progress", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:33 [error] 1083281#1083281: *3381930 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "POST /Sessions/Playing/Progress HTTP/1.1", upstream: "http://192.168.100.101:8096/Sessions/Playing/Progress", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:42 [error] 1083281#1083281: *3381930 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "POST /Sessions/Playing/Progress HTTP/1.1", upstream: "http://192.168.100.101:8096/Sessions/Playing/Progress", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:42 [error] 1083281#1083281: *3383470 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "GET /web/ HTTP/1.1", upstream: "http://192.168.100.101:8096/web/", host: "jellyfin.nussnougate.net"
2026/03/02 04:11:42 [error] 1083281#1083281: *3383472 connect() failed (113: No route to host) while connecting to upstream, client: 185.71.113.95, server: jellyfin.nussnougate.net, request: "GET /web/serviceworker.js HTTP/1.1", upstream: "http://192.168.100.101:8096/web/serviceworker.js", host: "jellyfin.nussnougate.net", referrer: ""
2026/03/02 14:13:56 [error] 1083281#1083281: *3426455 {"ip":"192.253.248.11","server":"jellyfin.nussnougate.net","uri":"/","config":"block","rid":"a3da57ce31e7a5489d0625abe261f6e0","cscore0":"$UWA","score0":8,"zone0":"HEADERS","id0":10000034,"var_name0":"user-agent"}, client: 192.253.248.11, server: jellyfin.nussnougate.net, request: "GET / HTTP/1.1", host: "jellyfin.nussnougate.net", referrer: "http://jellyfin.nussnougate.net//.git/HEAD"
root@ov-9180d2:~# tail /var/log/nginx/error.log
2026/03/02 12:38:34 [crit] 1083281#1083281: *3419261 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.34.178.101, server: 0.0.0.0:443
2026/03/02 13:29:38 [crit] 1083281#1083281: *3423182 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 161.35.149.67, server: 0.0.0.0:443
2026/03/02 13:52:16 [crit] 1083281#1083281: *3424723 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.181.27.147, server: 0.0.0.0:443
2026/03/02 14:26:22 [crit] 1083281#1083281: *3427277 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.34.178.101, server: 0.0.0.0:443
2026/03/02 14:30:52 [crit] 1083281#1083281: *3427554 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.181.27.147, server: 0.0.0.0:443
2026/03/02 15:03:04 [crit] 1083281#1083281: *3429741 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.181.27.147, server: 0.0.0.0:443
2026/03/02 18:12:09 [crit] 1083281#1083281: *3438318 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.34.178.101, server: 0.0.0.0:443
2026/03/02 18:19:32 [crit] 1083281#1083281: *3438599 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 5.181.27.147, server: 0.0.0.0:443
2026/03/02 19:06:30 [crit] 1083281#1083281: *3440094 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 123.6.49.36, server: 0.0.0.0:443
2026/03/02 19:21:28 [crit] 1083281#1083281: *3440617 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 123.6.49.9, server: 0.0.0.0:443
Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme 59 KiB
Languages
Python 100%