Incident Response
Run --follow during outages. Burst detection shows which error spirals before
dashboards refresh.
Log pattern intelligence in a single file
Application logs contain millions of lines, but those lines are really a few dozen templates repeated with different variables. LogSift discovers those templates, ranks them by severity and frequency, and alerts you when something new appears or when a known pattern suddenly spikes.
Variable values get replaced with semantic tokens:
<TIMESTAMP>  Dates and times
<UUID>       Unique identifiers
<IP>         IP addresses
<EMAIL>      Email addresses
<URL>        Web addresses
<PATH>       File paths
<NUM>        Numbers
<STR>        Quoted strings
<HEX>        Hex strings
<MEASURE>    Values with units

# Clone the repository
git clone https://github.com/SSH-PuR66/logswift.git
cd logswift
# Analyze a log file
python logswift_0.py app.log
# Live monitoring with anomaly detection
python logswift_0.py /var/log/app.log --follow --errors-only
# Export as JSON
python logswift_0.py app.log --json > report.json
Build a baseline from normal traffic. Novelty alerts flag probing, injection, or unauthorized access.
Export logs as JSON for downstream scripts doing timeline correlation.
Fail builds when test runs introduce unexpected error patterns.
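The token substitution, ranking, and baseline novelty check described above, as an added example (not LogSift's own code). The regexes, severity ranks, function names, and sample log lines are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Assumed regexes, one per token on the page; specific shapes run before <NUM>.
TOKEN_RULES = [
    ("<TIMESTAMP>", re.compile(r"\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:\.\d+)?(?:Z|[+-]\d{2}:?\d{2})?")),
    ("<UUID>", re.compile(r"\b[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\b")),
    ("<EMAIL>", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("<URL>", re.compile(r"\bhttps?://\S+")),
    ("<IP>", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("<STR>", re.compile(r'"[^"]*"' + r"|'[^']*'")),
    ("<PATH>", re.compile(r"(?<!\w)/(?:[\w.-]+/)*[\w.-]+")),
    ("<MEASURE>", re.compile(r"\b\d+(?:\.\d+)?\s?(?:ms|s|KB|MB|GB)\b")),
    ("<HEX>", re.compile(r"\b0x[0-9a-fA-F]+\b")),
    ("<NUM>", re.compile(r"\b\d+(?:\.\d+)?\b")),
]
SEVERITY = {"CRITICAL": 4, "ERROR": 3, "WARN": 2, "INFO": 1, "DEBUG": 0}  # assumed ranks

def to_template(line):
    """Collapse one log line into its template by masking variable values."""
    for token, rx in TOKEN_RULES:
        line = rx.sub(token, line)
    return line.strip()

def severity(template):
    return max((rank for word, rank in SEVERITY.items() if word in template), default=0)

def rank_patterns(lines):
    """Return (template, count) pairs: highest severity first, then most frequent."""
    counts = Counter(to_template(l) for l in lines if l.strip())
    return sorted(counts.items(), key=lambda kv: (-severity(kv[0]), -kv[1], kv[0]))

def novel_patterns(baseline_lines, new_lines):
    """Templates present in new_lines that never occurred in the baseline."""
    known = {to_template(l) for l in baseline_lines}
    return sorted({to_template(l) for l in new_lines} - known)

# Constructed sample lines (not real logs).
BASELINE = [
    "2024-05-01T12:00:01Z INFO login ok user=alice@example.com ip=10.0.0.5",
    "2024-05-01T12:00:02Z INFO login ok user=bob@example.com ip=10.0.0.9",
    "2024-05-01T12:00:03Z ERROR db timeout after 30 ms req=3f2b8c1e-9a4d-4c6b-8f1e-2d7a9b0c1e2f",
]
INCOMING = [
    "2024-05-01T12:05:00Z INFO login ok user=carol@example.com ip=10.0.0.7",
    "2024-05-01T12:05:01Z ERROR db timeout after 45 ms req=7c9e6679-7425-40de-944b-e07fc1f90ae7",
    "2024-05-01T12:05:02Z WARN denied read of /etc/shadow from ip=203.0.113.8",
]
```

Rule order is the part that matters: masking `<NUM>` first would shred timestamps, IPs, and UUIDs into fragments and split one pattern into many.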
Built by Sergio Rodriguez, cybersecurity student at Iona University (Class of 2026). Focused on blue team operations, security tooling, and making incident response faster.