InfloSift is a powerful Python-based tool designed to revolutionize the analysis of Infoblox support bundles. By efficiently processing various log types, storing data in SQLite, and leveraging natural language queries via Ollama integration, InfloSift provides deep insights into your Infoblox infrastructure.
- Comprehensive Log Processing: Parses diverse log types (syslog, ptop, JSON, etc.)
- Intelligent Data Storage: Utilizes SQLite for efficient and queryable data management
- Advanced Metadata Extraction: Automatically extracts and indexes file metadata and timestamps
- Natural Language Query Support: Powered by Ollama for intuitive data exploration
- Focused Analysis: Specialized in critical areas such as DHCP failover issues
- Extensible Architecture: Easily adaptable for custom log formats and analyses
- Support Bundle Flattener: Includes a tool to decompress and organize support bundle contents
- Python 3.6+
- SQLite3
- Pandas
- Ollama client
- Colorama (for colored console output)
-
Clone the repository:
git clone https://github.com/vcappuccio/inflosift.git cd inflosift -
Install required packages:
pip install -r requirements.txt
-
Ensure Ollama is installed and running on your system.
InfloSift offers two main components:
Decompress and organize your support bundle:
python support_bundle_flattener.py <source_directory> <destination_directory>you might need to run the above several times :)
Analyze the flattened support bundle:
python inflosift.py [--directory DIRECTORY] [--query QUERY] [--focus FOCUS]Options:
--directory: Specify the support bundle directory (default: current working directory)--query: Provide a natural language query for analysis--focus: Specify the focus area for the query (e.g., "DHCP failover")
-
Flatten a support bundle:
python support_bundle_flattener.py /path/to/support_bundle /path/to/flattened_bundle
-
Process flattened support bundle files:
python inflosift.py --directory /path/to/flattened_bundle
-
Query for DHCP failover issues:
python inflosift.py --query "Identify critical DHCP failover events in the last 24 hours" --focus "DHCP failover"
InfloSift creates a SQLite database with the following structure:
| Table | Description |
|---|---|
| files | File metadata and content hashes |
| lines | Individual lines from text files |
| ptop_data | Process data from ptop files |
| smaps_data | Memory mapping data |
| syslog | Standard syslog entries |
| support_syslog | Support-specific syslog entries |
| infoblox | Infoblox-specific log entries |
InfloSift is designed with extensibility in mind. You can easily:
- Add support for new log formats
- Implement custom analysis queries
- Extend the database schema for additional data points
Refer to our Contribution Guide for more details on how to extend InfloSift.
- Ensure all dependencies are correctly installed
- Verify that Ollama is running and accessible
- Check file permissions for the support bundle and destination directories
For more detailed troubleshooting, refer to our FAQ or open an issue.
We welcome contributions! Please read our Contribution Guidelines before submitting a Pull Request.
If you find InfloSift useful, consider supporting the project:
Created with ❤️
For more information, bug reports, or feature requests, please open an issue.