Automic VaultAutomic Vault

brew

Install logswan with Homebrew, apt

Fast Web log analyzer using probabilistic data structures. Version 2.1.17 via Homebrew; verified 2026-07-02.

install

Additional install commands

macOS

Homebrewverified · 100%
brew install logswan

local Homebrew formula metadata

Linux

Debian aptverified · 92%
sudo apt install logswan

Debian stable package indexes · logswan · source: deb.debian.org

overview

Package summary

Fast Web log analyzer using probabilistic data structures

Commands and aliases

  • logswan

history

Project history and usage

Logswan is a fast web-log analyzer focused on very large log files, especially API logs. It uses probabilistic data structures, including HyperLogLog counters, to keep memory use constant while estimating unique visitors.

Project history

Frederic Cambus develops Logswan as intentionally opinionated software. The README states design goals of speed, memory efficiency, and simple code, and documents deliberate constraints such as Common Log Format support and byte-level reporting without rounded units.

The official GitHub repository was created in June 2015. The project remains small and C-focused, with Jansson and libmaxminddb as key dependencies and JSON output as its primary integration surface.

Adoption history

Logswan's adoption is modest but practical: the README lists packages for OpenBSD, NetBSD, FreeBSD, Debian, Ubuntu, Void Linux, Gentoo, and Homebrew. The supplied package facts also show Homebrew, Debian, and Ubuntu entries.

The official GitHub repository shows a long-lived niche project with hundreds of stars, a small fork count, and regular releases through the 2.1.x series.

How it is used

The CLI form is `logswan [-ghv] [-d db] logfile`, with `-` accepted for standard input. Output goes to standard output as JSON, making it easy to redirect into other tools.

GeoIP lookups are optional through `-g` and `-d db`. The README documents the default GeoIP2 database directory under `${CMAKE_INSTALL_PREFIX}/share/dbip`, but this is a data-file lookup rather than a Logswan configuration file.

Why package nerds care

Logswan is interesting to package maintainers because it is a small, security-minded C tool with clear dependencies, sandboxing notes for OpenBSD pledge, optional seccomp, and deterministic JSON output. It is the opposite of a sprawling analytics stack.

Timeline

  • 2015: Official GitHub repository created.
  • 2021: 2.1.12 release published.
  • 2025: 2.1.15 release published.
  • 2026: 2.1.16 release published.

Related projects

  • Logswan belongs to the family of web-log analyzers, but its README differentiates it by using HyperLogLog counters and by avoiding broad format support.

security posture

Risk level: green

narrow executable package without higher-risk signals.

Risk classifier

green risk · low confidence · appliance

Why

  • narrow executable package without higher-risk signals

Signals

  • metadata:no-higher-risk-signals

Install behavior

  • No Homebrew post-install hook is recorded in formula metadata.
  • Homebrew bottle metadata is available for 6 platform targets.
  • Installs with 2 runtime dependencies.
  • Build metadata lists 1 build dependencies.

Recommended review

Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.

executables

Installed executables

CommandKindExposureNote
logswancliglobal executable

freshness

Version and freshness

These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.

page generated2026-07-08
manager version2.1.17
manager updated2026-07-02
local dataok
upstreamcurrent
latest detected2.1.17

https://github.com/fcambus/logswan

  • okNo freshness warnings were generated.

install metadata

Package metadata

Package keybrew:logswan
Version2.1.17
Package managerHomebrew
Package manager pagehttps://formulae.brew.sh/formula/logswan
Homepagehttps://www.logswan.org
Repositoryhttps://github.com/fcambus/logswan
Upstream docshttps://www.logswan.org/
LicenseBSD-2-Clause
Source archivehttps://github.com/fcambus/logswan/archive/refs/tags/2.1.17.tar.gz
Last updated2026-07-02T00:18:32Z
Pulseupdated
Dependenciesjansson, libmaxminddb
Build dependenciescmake
Bottleavailable (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-installnot defined
Servicenone declared

registry facts

Source database details

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namelogswan
Version Scheme0
Revision0
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • stable

source database matches

Other package-manager records

Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.

Debian apt95%

logswan 2.1.15-1

fast Web log analyzer using probabilistic data structures

https://github.com/fcambus/logswan

sudo apt install logswan
  • Section: web
  • Architecture: amd64
  • 3 dependencies
  • normalized package name match
  • Matched by: Logswan
Debian stable package indexes · deb.debian.org · Debian stable package indexes: logswan from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz
Ubuntu apt95%

logswan 2.1.14-2

fast Web log analyzer using probabilistic data structures

https://github.com/fcambus/logswan

sudo apt install logswan
  • Section: universe/web
  • Architecture: amd64
  • 3 dependencies
  • normalized package name match
  • Matched by: Logswan
Ubuntu 24.04 LTS package indexes · archive.ubuntu.com · Ubuntu 24.04 LTS package indexes: logswan from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz

source trail

Generated from repository data

This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.

Used sources

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment