TranslateProject/sources/tech/20170201 lnav – An Advanced Console Based Log File Viewer for Linux.md
2017-02-01 12:12:09 +08:00

8.7 KiB
Raw Blame History

lnav An Advanced Console Based Log File Viewer for Linux

LNAV stands for Log file Navigator is an advanced console based log file viewer for Linux. It does the same job how other file viewers doing like cat, more, tail, etc but have more enhanced features which is not available in normal file viewers (especially, it will comes with set of color and easy to read format).

This can decompresses all the compressed log files (zip, gzip, bzip) on the fly and merge them together for easy navigation. lnav Merge more than one log files (Single Log View) into a single view based on message timestamps which will reduce multiple windows open. The color bars on the left-hand side help to show which file a message belongs to.

The number of warnings and errors are highlighted in the display (Yellow & Red), so that we can easily see where the problems have occurred. New log lines are automatically loaded.

It display the log messages from all files sorted by the message timestamps. Top & Bottom status bars will tell you, where you are in the logs. If you want to grep any particular pattern, just type your inputs on search prompt which will be highlighted instantly.

The built-in log message parser can automatically discover and extract the each lines with detailed information.

A server log is a log file which is created and frequently updated by a server to capture all the activity for the particular service or application. This can be very useful when you have an issue with application or service. In log files you can get all the information about the issue like when it start behaving abnormal based on warning or error message.

When you open a log file with normal file viewer, it will display all the details in plain format (If i want to tell you in straight forward, plain white) its very difficult to identify/understand where is warning & errors messages are there. To overcome this kind of situation and quickly find the warning & error message to troubleshoot the issue, lnav comes in handy for a better solution.

Most of the common Linux log files are located at /var/log/.

lnav automatically detect below log formats

  • Common Web Access Log format
  • CUPS page_log
  • Syslog
  • Glog
  • VMware ESXi/vCenter Logs
  • dpkg.log
  • uwsgi
  • “Generic” Any message that starts with a timestamp
  • Strace
  • sudo
  • gzib & bizp

Awesome lnav features

  • Single Log View All log file contents are merged into a single view based on message timestamps.
  • Automatic Log Format Detection Most of the log format is supported by lnav
  • Filters regular expressions based filters can be performed.
  • Timeline View
  • Pretty-Print View
  • Query Logs Using SQL
  • Automatic Data Extraction
  • “Live” Operation
  • Syntax Highlighting
  • Tab-completion
  • Session information is saved automatically and restored when you are viewing the same set of files.
  • Headless Mode

How to install lnav on Linux

Most of the distribution (Debian, Ubuntu, Mint, Fedora, suse, openSUSE, Arch Linux, Manjaro, Mageia, etc.) has the lnav package by default, so we can easily install it from distribution official repository with help of package manager. For CentOS/RHEL we need to enable EPEL Repository.

[Install lnav on Debian/Ubuntu/LinuxMint]
$ sudo apt-get install lnav

[Install lnav on RHEL/CentOS]
$ sudo yum install lnav

[Install lnav on Fedora]
$ sudo dnf install lnav

[Install lnav on openSUSE]
$ sudo zypper install lnav

[Install lnav on Mageia]
$ sudo urpmi lnav

[Install lnav on Arch Linux based system]
$ yaourt -S lnav

If the distribution doesnt have the lnav package dont worry, Developer offering the .rpm & .debpackages, so we can easily install without any issues. Make sure you have to download the latest one from developer github page.

[Install lnav on Debian/Ubuntu/LinuxMint]
$ sudo wget https://github.com/tstack/lnav/releases/download/v0.8.1/lnav_0.8.1_amd64.deb
$ sudo dpkg -i lnav_0.8.1_amd64.deb

[Install lnav on RHEL/CentOS]
$ sudo yum install https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm

[Install lnav on Fedora]
$ sudo dnf install https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm

[Install lnav on openSUSE]
$ sudo zypper install https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm

[Install lnav on Mageia]
$ sudo rpm -ivh https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm

Run lnav without any argument

By default lnav brings syslog file when you are running without any arguments.

# lnav

To view specific logs with lnav

To view specific logs with lnav, add the log file path followed by lnav command. For example we are going to view /var/log/dpkg.log logs.

# lnav /var/log/dpkg.log

To view multiple log files with lnav

To view multiple log files with lnav, add the log files path one by one with single space followed by lnav command. For example we are going to view /var/log/dpkg.log & /var/log/kern.log logs.

The color bars on the left-hand side help to show which file a message belongs to. Alternatively top bar also showing the current log file name. Most of the application used to open multiple windows or horizontal or vertical windows within the window to display more than one log but lnav doing in different way (It display multiple logs in the same window based on date combination).

# lnav /var/log/dpkg.log /var/log/kern.log

To view older/compressed logs with lnav

To view older/compressed logs which will decompresses all the compressed log files (zip, gzip, bzip) on the fly, add -r option followed by lnav command.

# lnav -r /var/log/Xorg.0.log.old.gz

Histogram view

First run lnav then hit i to Switch to/from the histogram view.

View log parser results

First run lnav then hit p to Toggle the display of the log parser results.

Syntax Highlighting

You can search any given string which will be highlighting on screen. First run lnav then hit / and type the string which you want to grep. For testing purpose, im searching Default string, See the below screenshot.

Tab-completion

The command prompt supports tab-completion for almost all operations. For example, when doing a search, you can tab-complete words that are displayed on screen rather than having to do a copy & paste. For testing purpose, im searching /var/log/Xorg string, See the below screenshot.


via: http://www.2daygeek.com/install-and-use-advanced-log-file-viewer-navigator-lnav-in-linux/

作者:Magesh Maruthamuthu 译者:译者ID 校对:校对者ID

本文由 LCTT 原创编译,Linux中国 荣誉推出