| CARVIEW |
Select Language
HTTP/2 302
server: nginx
date: Thu, 31 Jul 2025 04:13:33 GMT
content-type: text/plain; charset=utf-8
content-length: 0
x-archive-redirect-reason: found capture at 20100214063323
location: https://web.archive.org/web/20100214063323/https://github.com/samuel/squawk
server-timing: captures_list;dur=0.813002, exclusion.robots;dur=0.031125, exclusion.robots.policy;dur=0.014542, esindex;dur=0.013856, cdx.remote;dur=99.021651, LoadShardBlock;dur=1533.363031, PetaboxLoader3.datanode;dur=739.664016, PetaboxLoader3.resolve;dur=92.435461
x-app-server: wwwb-app222
x-ts: 302
x-tr: 1685
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0
set-cookie: SERVER=wwwb-app222; path=/
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
HTTP/2 200
server: nginx
date: Thu, 31 Jul 2025 04:13:35 GMT
content-type: text/html; charset=utf-8
x-archive-orig-server: nginx/0.7.61
x-archive-orig-date: Sun, 14 Feb 2010 06:33:23 GMT
x-archive-orig-connection: close
x-archive-orig-status: 200 OK
x-archive-orig-etag: "494ee0f3c7641268a902702697483708"
x-archive-orig-x-runtime: 158ms
x-archive-orig-content-length: 25848
x-archive-orig-cache-control: private, max-age=0, must-revalidate
x-archive-guessed-content-type: text/html
x-archive-guessed-charset: utf-8
memento-datetime: Sun, 14 Feb 2010 06:33:23 GMT
link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Fri, 12 Feb 2010 15:50:53 GMT", ; rel="prev memento"; datetime="Fri, 12 Feb 2010 15:50:53 GMT", ; rel="memento"; datetime="Sun, 14 Feb 2010 06:33:23 GMT", ; rel="next memento"; datetime="Tue, 06 Apr 2010 17:31:12 GMT", ; rel="last memento"; datetime="Sat, 26 Jul 2025 14:32:54 GMT"
content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org
x-archive-src: 52_14_20100214061643_crawl102-c/52_14_20100214063227_crawl101.arc.gz
server-timing: captures_list;dur=0.685150, exclusion.robots;dur=0.024060, exclusion.robots.policy;dur=0.011394, esindex;dur=0.015950, cdx.remote;dur=10.390593, LoadShardBlock;dur=348.818488, PetaboxLoader3.datanode;dur=135.766644, PetaboxLoader3.resolve;dur=479.693687, load_resource;dur=355.248729
x-app-server: wwwb-app222
x-ts: 200
x-tr: 791
server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0
x-location: All
x-rl: 0
x-na: 0
x-page-cache: MISS
server-timing: MISS
x-nid: DigitalOcean
referrer-policy: no-referrer-when-downgrade
permissions-policy: interest-cohort=()
content-encoding: gzip
samuel's squawk at master - GitHub
This service is courtesy of Pledgie.
samuel / squawk
- Source
- Commits
- Network (2)
- Issues (0)
- Downloads (0)
- Wiki (2)
- Graphs
-
Branch:
master
click here to add a description
click here to add a homepage
-
Branches (1)
- master ✓
- Tags (0)
Sending Request…
Enable Donations
Pledgie Donations
Once activated, we'll place the following badge in your repository's detail box:
SQL Query Tool for Static Files — Read more
squawk /
| name | age | message | |
|---|---|---|---|
 |
.gitignore | Sat Feb 06 19:22:57 -0800 2010 | Adde dist directory to .gitignore [samuel] |
| |
LICENSE | Sat Feb 06 19:56:30 -0800 2010 | Copy fail.. fixed the LICENSE [samuel] |
| |
MANIFEST.in | Sat Feb 06 19:52:25 -0800 2010 | Added license to setup.py and LICENSE file (BSD) [samuel] |
| |
README.md | Mon Feb 08 12:00:09 -0800 2010 | Updated examples in README to match new api [samuel] |
| |
TODO | Sat Feb 06 21:38:32 -0800 2010 | Added installable command "squawk" [samuel] |
 |
bin/ | Sat Feb 06 21:38:32 -0800 2010 | Added installable command "squawk" [samuel] |
| |
setup.py | Mon Feb 08 13:59:27 -0800 2010 | Added "pyparsing" to requirements in setup.py [samuel] |
| |
squawk/ | Mon Feb 08 14:18:57 -0800 2010 | AccessLogParser now sets bytes to 0 if it's not... [samuel] |
README.md
Description
Squawk is a library and command line tool for running SQL queries against structured/semi-structured static files. (e.g. Apache logs, csv files, tcpdump output).
License
BSD
See LICENSE
Goal
The purpose is Squawk is to make querying for data in log files or other structured files easier. Everything that Squawk does can be done by combining various unix tools, but Squawk makes it ever easier to express more complex relationships. It is in no way a database or meant to be used as such. It's merely a reporting tool.
Squawk can be used from the command line for ad-hoc queries, and it can also be used as a library as a part of a more in-depth reporting tool.
Status
Still in major development. API is guaranteed to change.
Requirements
- Python2.5 or later 2.x
- pyparsing
Supported SQL Features
- Aggregates: count, min, max, avg, sum
- GROUP BY
- ORDER BY (single column)
- LIMIT
- OFFSET
- WHERE
- Column aliases
- Subqueries in FROM
Departures from Standard SQL
- Table list in FROM uses a space rather than a comma as a separator. This makes it easier on the command line to specify files. (e.g. FROM access.log* )
Parsers
- Common access file formats (nginx, apache)
- CSV
Output Formats
- Basic tabular for console (like most database command line tools)
- JSON
- CSV
Examples
SQL query on the command line::
$ squawk "SELECT COUNT(1) AS n, status FROM access.log GROUP BY status ORDER BY n DESC"
n | status
----------------------------------------
381353 | 200
180668 | 302
17976 | 404
12952 | 301
10836 | 304
735 | 403
420 | 206
376 | 416
123 | 400
46 | 500
5 | 502
3 | 408
3 | 405
1 | 504
SQL based query through API::
query = Query(
"SELECT COUNT(1) AS n, remote_addr"
" FROM file"
" WHERE status = 200"
" AND remote_addr != '-'"
" GROUP BY remote_addr"
" ORDER BY n DESC"
" LIMIT 10")
source = AccessLogParser("access.log")
output_console(query(source))
# or
query = Query(
"SELECT COUNT(1) AS n, remote_addr"
" FROM file"
" WHERE status = 200"
" AND remote_addr != '-'"
" GROUP BY remote_addr"
" ORDER BY n DESC"
" LIMIT 10")
source = AccessLogParser("access.log")
for row in query(source):
print row
Code generated query::
source = AccessLogParser("access.log")
filtered = Filter(source, lambda row:row['status'] == 200)
group_by = GroupBy(filtered, group_by="remote_addr", select=[
lambda:Column('remote_addr'),
lambda:CountAggregate(None, 'count(1)')])
order_by = OrderBy(group_by, 'count(1)', True)
limit = Limit(order_by, 10)
for row in limit:
print row