Openfire Audit Log Reader

wroot · August 14, 2009, 2:55pm

by @A_Li_N

I didn’t find any program out there that suited my needs for a log reader to read the server audit logs, so I made one. I thought I’d share my work for anyone that might find it usefull.

Very simple to use:
Click on Open Log, browse to the log files from the server.

This populates the names on the left.

Click one of the names to show the messages to and from that person on the right.

Click a particular message on the right to show the entire message (if it is longer than visible) at the bottom.

No need to convert or edit the logs.

No need to know how many / what users there are.

Fast and simple.

Updates:

2009/08/14 - Fixed error when file didn’t close out Jive tag (believe this happens from taking log still being written to by server), thanks wr00t.

2012/10/24 - @Seth Randall made some improvements. Thanks! File attached

2013/04/04 - Joshua Cantara - Fixed a bug resulting from when a user messages themself.

2013/04/29 - Seth Randall - New version that fixes the bug Joshua found. Now it will log the message appropriately without teminating the import.

2013/11/21 - Seth Randall - Release 1.2.0.0 - see below for changes

OpenfireLogReader - 20090814-094758.zip (148525 Bytes)
OpenfireLogReader-sethrandall-2012-10-24.zip (381045 Bytes)
OpenfireLogReader_2013-04-04.zip (208900 Bytes)
OpenfireLogReader-sethrandall-2013-04-29.zip (377160 Bytes)
OpenfireLogReader-sethrandall-2013-11-21.zip (397856 Bytes)

Alex_Ulm · October 2, 2009, 2:46pm

Your log reader is very helpful. Thank you very much!

Chris_Butler · February 2, 2011, 6:57pm

Is anyone still developing this app. It is very usefull, but there are a couple of bugs I’d like to report… somwhere LOL.

thanks

Alien · February 3, 2011, 1:55am

I created it for work…work that I no longer work at. However, I would be more than happy to share the source code with anyone that asks (or you could let me know of the bugs and I’ll see if I can update the viewer…although I may need a log to attempt this, as I do not have any)

oiram · February 8, 2011, 5:27pm

I see its only WIN version. Any chance for support on other platforms? Best suppose to make it web-based / platform-independent

Jesus_Albeiro_Gaviri · April 1, 2011, 9:18pm

Thanks for the program, it looks very interesting but not e able to work with.

I have some doubts

1-there are two types of history, which seguarda on the local computer and is generated by activating and which activates segenera when activated openfire server configuration audit policies,

"to which one does the program work?

2 - I have windows 7 and if I try to open the local computer error I get an unexpected end tag attached photo of the error “errorlocal”

3 - Com Windows 7 and if that keeps trying to open the audit I get an error can not be read as an added value Cadem photo error “errorauditoria”

4-Sera I’m doing wrong?

I have the openfire Openfire 3.7.0, Spark 2.5.8, handling windows 7,

I can do is very complicated the preparation of the program if I can help in some dime, but this program is looking Bengo, c reo many seek this program

wroot · April 2, 2011, 8:50am

This program hasn’t been updated for years, so probably it is not working normally with new operating systems (or maybe you are running on 64-bit?) or maybe audit logs schema has changed. Author of this plugin will not update it i think, but the source is provided. You can try to find some programmer to fix that program for your needs.

Jesus_Albeiro_Gaviri · April 4, 2011, 10:38pm

I am interested in the source code of this program to accommodate my needs and work with the comuniddad step

wroot · April 5, 2011, 3:42am

Check the zip, i think source is in there. It is not written in java.

Jesus_Albeiro_Gaviri · April 5, 2011, 10:59pm

ouh if the zip is the source code, is in visual basic in my house I have basic, not here at work, I hope to do,
any novelty communes

now install the open fire in a server 2008, would not let me connect because the port 5222 as bloqueba the firewall, add the port and go.

thanks

wroot · April 1, 2012, 9:08am

Thanks forsharing this. So, have you tried to press Edit document and then attach a file with a Browse button?

Seth_Randall · October 24, 2012, 10:02pm

I’ve made some improvements to this. I’ll attach my copy with all the source and the compiled exe included.

Edit: I suppose I should mention what I changed

Improved printing
Filtering
Load an entire folder (this can be really slow)

Improvements needed:

Tends to be slow and use a lot of memory. I’m not sure what improvements could be made to speed it up.

Seth_Randall · April 29, 2013, 6:27pm

Joshua,

Thanks for spotting the issue. I’ve uploaded a new version that logs the message properly.

Seth

Seth_Randall · November 21, 2013, 11:33pm

I’ve uploaded a new version which includes a fix for this issue. There are also some new features:

Release 1.2.0.0

Allow filtering on the import.
Optional removal of the domain on import.
Fixed error with import of dates from non-en_US locales. Thanks to Leonhard Schick for finding the issue
Fixed out of range error when viewing filtered messages

Paul_Rinear · February 15, 2017, 4:33pm

I find the log reader super useful and thank you for developing it. There is a bug that kills me though. Sometimes a user will copy and paste something from the internet into a Spark message. The log reader reads the messages fine but if I go to print them the pages just scroll on forever. I am assuming there is some kind of illegal character in the log file which causes the print to think the file never ends. I have no been able to pinpoint it but can upload a log which will show the problem.

Seth_Randall · August 8, 2017, 4:14pm

Paul,

I’m sorry for the late reply on this. I would be happy to look at your log and see what is going on.

Robert_Fritz · July 5, 2018, 6:06pm

Hello!

I am using the latest version available of Openfire Audit Log Reader (1.2.0.0).
As we are in Brazil, the identification of some of the months is different. (in log file)
February (feb) = Fevereiro (fev)
April (apr) = Abril (abr)
May (may) = Maio (mai)
August (aug) = Agosto (ago)
September (sep) = Setembro (set)
October (oct) = Outubro (out)

Thus, an error occurs in the reading of the records of these months.
Error Parsing date

To solve the problem, I changed the log files by modifying the acronym of the months with different nomenclature. Exemple:
timestamp=“fev 03, 2018 07:37:33:590 AM”
timestamp=“feb 03, 2018 07:37:33:590 AM”

SergioGomes · September 13, 2019, 9:21pm

Robert, como vc fez isso?! Também estou com o mesmo problema!

Robert_Fritz · September 13, 2019, 9:38pm

Oi Sergio!
Não tenho conhecimento para mexer no código do programa… aí o jeito foi fazer substituição dentro do arquivo, trocando "fev " por "feb " … e assim por diante.
Deu trabalho… mas usei o Notepad++ que tornou as coisas um pouco mais fáceis.

Boa sorte.

cardioacad · September 9, 2020, 8:53pm

Is there something that will enable compatibility with Windows 10? When I select the file to import, it will not populate the information in the file. A popup briefly appears but then the reader screen remains empty.