lnav

View logs of a program, specifying log files, directories or URLs

$ lnav [path/to/log_or_directory|url]

$ lnav [ssh] [user]@[host1.example.com]:[/var/log/syslog.log]

$ lnav -C [path/to/log_directory]

lnav [options] [logfile1 logfile2 ...]

-a
    Load all recently accessed files.

-c
    Load the configuration file.

-d
    Use the given SQLite database file to persist data. (Defaults to ~/.lnav/lnav.db)

-f
    Follow any new log files added.

-i
    Rebuild the index database from scratch.

-l
    List available log formats.

-n
    Do not load the previous history.

-r
    Load files in reverse chronological order.

-t
    Prepend timestamps to the log messages.

-V
    Show version information.

-x
    Evaluate an expression after the logs have loaded.

-w
    Add a global filter.

lnav is a powerful, curses-based log file viewer that intelligently analyzes and formats log messages from various sources.

It automatically detects log formats like syslog, common web server logs, and glog, enabling users to quickly browse, filter, and correlate events across multiple files. lnav's key features include timeline views, automatic log level detection, SQL queries against log data, and the ability to execute Python scripts for custom analysis. It is invaluable for debugging applications, monitoring system performance, and analyzing security logs efficiently.

lnav focuses on providing an intuitive and interactive experience, leveraging color coding, search capabilities, and powerful filtering to extract valuable insights from voluminous log data. It aims to be more than just a log viewer; it's a complete log analysis environment.

lnav's performance can degrade when dealing with extremely large log files, especially if they are not well-structured.

Custom log format parsing requires familiarity with lnav's configuration language, which can have a learning curve.

lnav uses a variety of keybindings for navigation and filtering. Some important keys include: q to quit, / to search, n and N to navigate search results, p to go to previous file, and P to go to next file.

lnav allows you to define your own log formats using XML or JSON. This allows lnav to understand and parse custom log formats not automatically detected. This is extremely powerful for analyzing logs from proprietary applications.

lnav lets you query log data using SQL. Each log message is parsed into columns that can be used in SQL queries. This allows complex filtering and aggregations.

lnav was created by Tim Raffenberg with the primary goal of improving the experience of navigating and analyzing log files.

Its development focused on automatic format detection, powerful filtering, and correlation to streamline the debugging and troubleshooting process, which was originally released in 2011. Over the years, lnav has gained popularity among developers and system administrators for its advanced features and user-friendly interface.

tail(1), grep(1), less(1), awk(1)