This commit refines how logfiles are displayed, so it is more suitable for webserver and mailserver logs in addition to generic kernel messages:
* Add colorization of strings in double quotes
* Alter parsing of pathnames to also include common URL path components
* Mark IPv4 and IPv6 addresses
* Detect email addresses
* Detect HTTP verbs and common HTTP and mailserver status codes
I think it is rather nice to look at and easy to visually parse important parts of each log line. Since I've been using this config for a long time on my servers I thought I should give back and make it available to the public.
Merge if you feel like it, if not it is here to copy for anyone that wants to. Thanks @garabik for your awesome tool!
Newer versions of ss have a slightly different output syntax: IPv6 addresses are put in brackets (like in URLs).
tcp LISTEN 0 32 [::1]:53 [::]:*
Also, the addresses' scope may be in the output:
192.168.1.1%eth0:68 0.0.0.0:* users:(("NetworkManager",pid=82,fd=6)) ino:661155 sk:272 <->
I had to move the "status" regex or it would overwrite IPv6 addresses.