# Hatchet README
# v 0.8, 2005.05.12
# Jason Dixon
# http://www.dixongroup.net/hatchet/
#
# NOTE: All documentation is in the Docs/ directory.
#

Hatchet is a log parsing/presentation program written for OpenBSD's PF logs. The main script, "hatchet", should be run every 5 minutes, or as often as you wish. Depending on the size of your logfiles versus the speed of your machine, you may wish to tweak how often it runs. Starting with version 0.7, this script also parses out data older than $stale number of days, as defined in /etc/hatchet.conf.

Hatchet uses a series of Perl regexes to match entries from the pflog logs. The log entries are stored in a SQLite database file, allowing for highly dynamic queries and statistics. If Hatchet finds an entry that none of its regexes match, it will kick off an email to the system administrator (root@localhost) with the details.

It's possible to install the web interface on a separate webserver; the Docs/INSTALL document covers each task and where it should be performed.

Hopefully you find this a useful, clean log viewing utility. I plan to incorporate new features eventually, particularly more advanced reporting, but time will tell. I happily accept feature requests, but I don't intend to incorporate features that would otherwise be best handled the "OpenBSD way". In other words, I won't add a PF ruleset editor, don't ask.

P.S. Go read the Docs/INSTALL document for instructions, if you haven't already figured this out by now.

Thanks for trying out Hatchet. Please email me with your feedback, compliments, etc.

- Jason Dixon
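The match, store, and report-unmatched flow described above, as an added example that is not Hatchet's own code; it is written in Python rather than Hatchet's Perl so it runs with only the standard library. The line shape (text output of `tcpdump -n -e -ttt -r /var/log/pflog`), the regex, the table layout and the function names are assumptions, and the sample lines are constructed.

```python
import re
import sqlite3

# Assumed line shape: text output of `tcpdump -n -e -ttt -r /var/log/pflog`.
PF_LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:.]+) rule (?P<rule>\d+)/\(\w+\) "
    r"(?P<action>pass|block) (?P<dir>in|out) on (?P<iface>\w+): "
    r"(?P<src>\d+(?:\.\d+){3})(?:\.(?P<sport>\d+))? > "
    r"(?P<dst>\d+(?:\.\d+){3})(?:\.(?P<dport>\d+))?: (?P<rest>.*)$"
)

# Constructed sample input (documentation address ranges); the last line is
# deliberately one the pattern does not cover.
SAMPLE = """\
Feb 16 19:43:32.185929 rule 0/(match) block in on fxp0: 192.0.2.10.3254 > 198.51.100.1.22: S 1:1(0) win 16384 (DF)
Feb 16 19:43:40.000112 rule 3/(match) pass out on fxp0: 198.51.100.1.53211 > 192.0.2.53.53: 4660+ A? example.org. (29)
Feb 16 19:44:01.500000 rule 0/(match) block in on fxp0: 192.0.2.77 > 198.51.100.1: icmp: echo request
Feb 16 19:44:09.100000 rule 0/(match) block in on fxp0: truncated-ip - 20 bytes missing!
"""

def ingest(db, text):
    """Store every line the pattern matches; return the lines it did not match."""
    db.execute("CREATE TABLE IF NOT EXISTS logs (ts TEXT, rule INTEGER,"
               " action TEXT, dir TEXT, iface TEXT, src TEXT, sport INTEGER,"
               " dst TEXT, dport INTEGER, detail TEXT)")
    unmatched = []
    for line in text.splitlines():
        m = PF_LINE.match(line)
        if m is None:
            unmatched.append(line)  # candidates for the mail to the administrator
            continue
        # Log content is attacker-influenced: bind values, never build SQL from it.
        db.execute("INSERT INTO logs VALUES (:ts, :rule, :action, :dir, :iface,"
                   " :src, :sport, :dst, :dport, :rest)", m.groupdict())
    db.commit()
    return unmatched

def blocked_by_source(db):
    """One of the statistics the SQLite store makes cheap: blocks per source."""
    return db.execute("SELECT src, COUNT(*) FROM logs WHERE action = 'block'"
                      " GROUP BY src ORDER BY COUNT(*) DESC, src").fetchall()

if __name__ == "__main__":
    db = sqlite3.connect(":memory:")
    for line in ingest(db, SAMPLE):
        print("no pattern for:", line)
    print(blocked_by_source(db))
```

Surfacing unmatched lines instead of dropping them keeps a format change or an unexpected packet type from silently creating a blind spot in the stored data.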