fblog
A small tool to view json log files.
Print specific fields
fblog -a message -a "status > a" sample_nested.json.logPrefix Logs
If your query docker or kubectl for multiple pods it will prefix
the log lines: PODNAME | {"message": "test"}. fblog can parse this and add it to
the message. Just use -p.
Filter
To filter log messages it is possible to use lua. If you are unsure
which variables are available you can use --print-lua to see the
code generated by fblog.
fblog -f 'level ~= "info"' # will print all message where the level is not info
fblog -f 'process == "play"' # will print all message where the process is play
fblog -f 'string.find(fu, "bow.*") ~= nil' # will print all messages where fu starts with bow
fblog -f 'process == "play"' # will print all message where the process is play
fblog -f 'process == "rust" and fu == "bower"'
fblog --no-implicit-filter-return-statement -f 'if 3 > 2 then return true else return false end'
# not valid lua identifiers like log.level gets converted to log_level.
# Every character that is not _ or a letter will be converted to _
fblog -d -f 'log_level == "WARN"' sample_elastic.log
# nested fields are converted to lua records
fblog -d -f 'status.a == 100' sample_nested.json.log
# array fields are converted to lua tables (index starts with 1)
fblog -d -f 'status.d[2] == "a"' sample_nested.json.logCustomize
fblog tries to detect the message, severity and timestamp of a log
entry. This behavior can be customized. See --help for more
information.
You can customize fblog messages: Format output:
fblog -p --main-line-format "{{#if short_message}}{{ red short_message }}{{/if}}" sample.json.logThe following sanitized variables are provided by fblog:
- fblog_timestamp
- fblog_level
- fblog_message
- fblog_prefix
For the default formatting see --help
Nested values are registered as objects. So you can use nested.value to access nested values.
handlebar helpers:
- bold
- yellow
- red
- blue
- purple
- green
- color_rgb 0 0 0
- uppercase
- level_style
- fixed_size 10
NO_COLOR
fblog disables color output if the NO_COLOR environment variable is present.
Message placeholder substitution
Placeholders in the message (fblog_message) can be substituted with their corresponding values in a context object or array.
To enable substitutions, pass the -s flag or either set context key (-c context) or placeholder format (-F {key}).
Note that the placeholder format should be written like <PREFIX>key<SUFFIX>, where it would match a placeholder with the key key.
Example
Given the following log (referred to as example.log):
{"message": "Found #{count} new items.", "extra_data": {"count": 556}, "level": "info"}Running with the following arguments:
fblog -c extra_data -F '#{key}' example.logResult:
Installation
cargo install fblogAvailable in package managers: AUR, brew
Log tailing
fblog does not support native log tailing but this is easily achiveable.
tail -f file | fblogOr with kubernetes tooling for example
kubectl logs -f ... | fblogIn general you can pipe any endless stream to fblog.
Discord
In the case you want to talk about new features or give us direct feedback,
you can join the Discord (Thanks @rawkode) in the channel #fblog.