Archives
/
lnav
mirror of https://github.com/tstack/lnav
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
circleci-project-setup
revert-185-master
gh-pages
v0.5.0
untagged-915e43f7366ef361b465
v0.10.0
v0.10.0-beta1
v0.10.1
v0.10.1-beta1
v0.11.0
v0.11.0-beta1
v0.11.0-beta2
v0.11.1
v0.11.1-beta1
v0.11.1-rc1
v0.11.1-test1
v0.11.2
v0.11.2-rc1
v0.11.2-rc2
v0.11.2-rc3
v0.11.2-rc4
v0.11.2-rc5
v0.11.2-rc6
v0.11.2-test1
v0.11.2-test10
v0.11.2-test11
v0.11.2-test2
v0.11.2-test3
v0.11.2-test4
v0.11.2-test5
v0.11.2-test6
v0.11.2-test7
v0.11.2-test8
v0.11.2-test9
v0.12.0
v0.12.0-alpha1
v0.12.0-alpha2
v0.12.0-beta1
v0.12.0-beta2
v0.12.1
v0.12.1-beta1
v0.12.1a-beta1
v0.12.1a-beta2
v0.12.2
v0.12.2-beta1
v0.12.2-beta2
v0.6.0
v0.6.1
v0.6.2
v0.7.0
v0.7.1
v0.7.2
v0.7.3
v0.8.0
v0.8.1
v0.8.2
v0.8.2-alpha
v0.8.3
v0.8.3-alpha
v0.8.3a
v0.8.3b
v0.8.4
v0.8.5
v0.8.5-rc1
v0.8.6-alpha1
v0.9.0
v0.9.0-rc1
v0.9.0-rc2
v0.9.0-rc3
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b4ec432515'
${ noResults }
lnav/src/help.txt

240 lines
9.4 KiB
Plaintext
Raw Blame History

lnav - A fancy log file viewer
DESCRIPTION
-----------
The log file navigator, lnav, is an enhanced log file viewer that
takes advantage of any semantic information that can be gleaned from
the files being viewed, such as timestamps and log levels. Using this
extra semantic information, lnav can do things like interleaving
messages from different files, generate histograms of messages over
time, and providing hotkeys for navigating through the file. It is
hoped that these features will allow the user to quickly and
efficiently zero in on problems.
OPTIONS
-------
Lnav takes a list of files to view and/or you can use the flag
arguments to load well-known log files, such as the syslog or apache
log files. The flag arguments are:
-s Load the most recent syslog messages file. (Default)
-a Load all of the most recent log file types.
-r Load older rotated log files as well.
When using the flag arguments, lnav will look for the files relative
to the current directory and its parent directories. In other words,
if you are working within a directory that has the well-known log
files, those will be preferred over any others. As an example, if you
are anywhere in a directory tree that was archived using 'pnlog
mailto', the log files within that tree will be loaded instead of the
files used by the local machine.
Any files given on the command-line are scanned to determine their log
file format and to create an index for each line in the file. You do
not have to manually specify the log file format. The currently
supported formats are: syslog, apache, strace, tcsh history, and
generic log files with timestamps.
DISPLAY
-------
The main part of the display shows the log lines from the files
interleaved based on time-of-day. The lines are "scrubbed" to remove
redundant/extraneous parts and highlighted to emphasize other parts.
New lines are automatically loaded as they are appended to the files
and, if you are viewing the bottom of the files, lnav will scroll down
to display the new lines, much like 'tail -f'.
On color displays, the lines will be highlighted as follows:
* Errors will be colored in red;
* warnings will be yellow;
* lines in even-numbered hours have their timestamps in bold white;
* boundaries between days will be underlined; and
* various color highlights will be applied to: SQL keywords, XML
tags, file and line numbers in Java backtraces, and
quoted strings.
To give you an idea of where you are in the file spatially, the right
side of the display has a proportionally sized 'scrollbar' that
indicates your current position in the file.
Above and below the main body are status lines that display:
* the current time;
* the number of errors/warnings above and below your current
position;
* the number of search hits, which updates as more are found;
* the line number for the top line in the display; and
* the name of the file the top line was pulled from.
Finally, the last line on the display is where you can enter search
patterns and execute internal commands, such as converting a
unix-timestamp into a human-readable date.
KEY BINDINGS
------------
To help navigate through the file there are many hotkeys that should
make it easy to zero-in on a specific section of the file or scan
through the file.
? View/leave this help message.
q Quit.
home Move to the top of the file.
end Move to the end of the file.
space/pgdn Move down a page.
b/bs/pgup Move up a page.
j/cr/down-arrow Move down a line.
k/up-arrow Move up a line.
h/left-arrow Move to the left.
l/right-arrow Move to the right.
e/E Move to the next/previous error.
w/W Move to the next/previous warning.
n/N Move to the next/previous search hit.
f/F Move to the next/previous entry in a different
file.
o/O Move forward/backward 60 minutes from the current
position in the log file.
d/D Move forward/backward 24 hours from the current
position in the log file.
1-6/Shift 1-6 Move to the next/previous n'th ten minute of the
hour. For example, '4' would move to the first
log line in the fortieth minute of the current
hour in the log. And, '6' would move to the next
hour boundary.
0/Shift 0 Move to the next/previous day boundary.
m Mark/unmark the line at the top of the display.
The line will be highlighted with reverse video to
indicate that it is a user bookmark. You can use
the 'u' hotkey to iterate through marks you have
added.
M Mark/unmark all the lines between the top of the
display and the last line marked/unmarked.
J Mark/unmark the next line after the previously
marked line.
K Like 'J' except it toggles the mark on the
previous line.
c Copy the marked text to the X selection buffer.
u/U Move forward/backward through any user bookmarks
you have added using the 'm' key.
s Toggle "scrubbing" of the input file to
hide/reveal parts of the timestamp and other
excessive/redundant information in each log line.
i View/leave a histogram of the log messages over
time. The histogram counts the number of
displayed log lines for each bucket of time. The
bars are layed out horizontally with colored
segments representing the different log levels.
You can use the 'z' hotkey to change the size of
the time buckets (e.g. ten minutes, one hour, one
day).
I Switch between the log and histogram views while
keeping the time displayed at the top of each view
in sync. For example, if the top line in the log
view is "11:40", hitting 'I' will switch to the
histogram view and scrolled to display "11:00" at
the top (if the zoom level is hours).
z/Shift Z Zoom in or out one step in the histogram view.
/<regexp> Start a search for the given regular expression.
The search is live, so when there is a pause in
typing, the currently running search will be
canceled and a new one started. History is
maintained for your searches so you can rerun them
easily. If there is an error encountered while
trying to interpret the expression, the error will
be displayed in red on the status line. While the
search is active, the 'hits' field in the status
line will be green, when finished it will turn
back to black.
:<command> Execute an internal command. The commands are
listed below. History is also supported in this
context as well as tab-completion for commands and
some arguments. The result of the command
replaces the command you typed.
;<sql> Execute an SQL query. Most supported log file
formats provide a sqlite virtual table backend
that can be used in queries. See the SQL section
below for more information.
COMMANDS
--------
unix-time <secs-or-date>
Convert a unix-timestamp in seconds to a
human-readable form or vice-versa.
BEWARE OF TIMEZONE DIFFERENCES.
current-time Print the current time in human-readable form and
as a unix-timestamp.
goto <line#|N%> Go to the given line number or N percent into the
file.
highlight <regex> Highlight strings that match the given regular
expression.
filter-in <regex> Only display lines that match the given regular
expression. This command can be used multiple
times to add more lines to the display.
filter-out <regex>
Do not display lines that match the given regular
expression. This command can be used multiple
times to remove more lines from the display. If a
'filter-in' expression is also active, it takes
priority and the filter-out will remove lines that
were matched by the 'filter-in'.
disable-filter <regex>
Disable an active 'filter-in' or 'filter-out'
expression.
enable-filter <regex>
Enable a inactive 'filter-in' or 'filter-out'
expression.
graph <regex> Graph the value of numbers in the file(s) over
time. The given regular expression should capture
the number to be displayed. For example:
my stats: (\d+\.\d+)
Will graph all the "stats" values found in the
file. XXX This is still mostly a toy...
append-to <file> Append any marked lines to the given file.
write-to <file> Write any marked lines to the given file.
SQL
---
WRITE ME
Reference in New Issue View Git Blame Copy Permalink