DTail
=====

DTail (a distributed tail program) is a DevOps tool for engineers, written in Google Go, for following (tailing), catting and grepping log files on many machines concurrently, including gzip and zstd decompression support. An advanced feature of DTail is executing distributed MapReduce aggregations across many devices.

DTail uses the SSH protocol for secure authorization and transport encryption. It also respects the UNIX file system permission model (traditional permissions on all Linux/UNIX variants, plus ACLs on Linux-based operating systems).

The DTail binary operates in either client or server mode. The DTail server must be installed on all server boxes involved. The DTail client (possibly running on a regular laptop) is used interactively to connect to the servers concurrently. That currently scales to multiple thousands of servers per client. DTail can also be operated in a serverless mode. Read more about it in the documentation.

If you like what you see, [look here for more examples](doc/examples.md)! You can also read through the [DTail Mimecast Engineering Blog Post](https://medium.com/mimecast-engineering/dtail-the-distributed-log-tail-program-79b8087904bb).

Installation and Usage
======================

* Check out the [DTail Documentation](doc/index.md)

Auth-Key Fast Reconnect
=======================

DTail supports an optional SSH auth optimization for repeated reconnects.
After a normal authenticated SSH session is established, the client can
register a local public key with `dserver` using an `AUTHKEY` command. The
server stores this key in memory only and checks it before `authorized_keys`
on subsequent connections.

This reduces repeated hardware-token signing (for example YubiKey-backed SSH
agent keys) while keeping transparent fallback to normal SSH authentication.

Client options:

* `--auth-key-path` path to the private key to offer first and register
  (default: `~/.ssh/id_rsa`)
* `--no-auth-key` disable auth-key registration/fast-path and use normal SSH
  behavior only

Server configuration (`dtail.json`):

```json
{
  "Server": {
    "AuthKeyEnabled": true,
    "AuthKeyTTLSeconds": 86400,
    "AuthKeyMaxPerUser": 5
  }
}
```

Security notes:

* Registered keys are stored in memory only (no disk persistence)
* Registration is accepted only over an already-authenticated session
* TTL expiry and per-user key limits bound key lifetime and memory growth
* If fast-path auth is unavailable (restart/expiry/mismatch), DTail falls back
  to normal SSH auth automatically

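
How a store with these properties can behave, as an added Go example that is not DTail's own code: registered keys live in a map with an expiry, a per-user limit caps registrations, and a miss sends the caller back to the `authorized_keys` check. `KeyCache`, `Register`, `FastPath` and the fingerprint strings are hypothetical, and refusing a new key at the limit is an assumption, since the README does not say what `dserver` does there.

```go
package main

import (
	"fmt"
	"sync"
	"time"
)

type userKey struct{ user, fp string } // fp: public-key fingerprint
// KeyCache is a hypothetical in-memory store; a restart empties it.
type KeyCache struct {
	mu    sync.Mutex
	ttl   time.Duration         // role of AuthKeyTTLSeconds
	limit int                   // role of AuthKeyMaxPerUser
	keys  map[userKey]time.Time // registered key -> expiry
}

func NewKeyCache(ttl time.Duration, limit int) *KeyCache {
	return &KeyCache{ttl: ttl, limit: limit, keys: map[userKey]time.Time{}}
}

// Register must be reachable only from an already-authenticated session.
func (c *KeyCache) Register(user, fp string, now time.Time) bool {
	c.mu.Lock()
	defer c.mu.Unlock()
	others := 0
	for k, exp := range c.keys { // sweep expired keys, count this user's other keys
		if !now.Before(exp) {
			delete(c.keys, k)
		} else if k.user == user && k.fp != fp {
			others++
		}
	}
	if others < c.limit { // at the limit, refuse: an assumption of this example
		c.keys[userKey{user, fp}] = now.Add(c.ttl)
	}
	return others < c.limit
}

// FastPath is false for unknown or expired keys: fall back to authorized_keys.
func (c *KeyCache) FastPath(user, fp string, now time.Time) bool {
	c.mu.Lock()
	defer c.mu.Unlock()
	exp, ok := c.keys[userKey{user, fp}]
	return ok && now.Before(exp)
}

func main() {
	fmt.Println(NewKeyCache(time.Hour, 5).Register("alice", "SHA256:constructed", time.Now()))
}
```

The cache only answers whether a public key is acceptable for a user; the SSH handshake still requires the client to prove possession of the matching private key.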

More
====

* [How to contribute](CONTRIBUTING.md)
* [Code of conduct](CODE_OF_CONDUCT.md)
* [Licenses](doc/licenses.md)

Credits
=======

* DTail was created by **Paul Buetow** *<pbuetow@mimecast.com>*
* Thank you [Mimecast](https://www.mimecast.com) for supporting this Open-Source project.
* Thank you to **Vlad-Marian Marian** for creating the DTail (dog) logo.
* The Gopher was generated at https://gopherize.me