glogg: handle large log files

Analyzing large log files (we are talking GBs) can be quite messy, because most regular editors try to load the whole file into memory. glogg handles the situation with ease. The GUI is written in Qt, and the logic is a combination of the grep and less commands on Linux. Here are the features of this great tool (copied directly from the website):

  • Runs on Unix-like systems, Windows and Mac thanks to Qt
  • Provides a second window showing the result of the current search
  • Supports grep/egrep like regular expressions
  • Colorizes the log and the search results
  • Displays a context view of where in the log the lines of interest are
  • Is fast and reads the file directly from disk, without loading it into memory
  • Follows a log written to disk in real time
  • Allows inserting marks in the logs on interesting lines
  • Supports vim/less like keyboard commands to move around the file
  • Is open source, released under the GPL

Webpage: glogg

ccze: colorize your logs

Analyzing huge logs in a text editor without any colorization can be a pain. ccze can colorize any kind of log by inserting ANSI color codes when it recognizes token patterns. It comes with many plugins that support standard log formats such as syslog, squid, vsftpd and many more. While testing it, I noticed that it can even colorize arbitrary logs pretty well, as you see above. It has many other options and switches to fine-tune things according to your needs (ref: man page). It is available in Synaptic on Ubuntu.

You can use ccze to monitor live logs:

$ tail -f -n 20 /var/log/syslog | ccze

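Or you can export the color-coded log to a file and then view it with less, which can interpret embedded ANSI color codes. Note that less -r passes every control character in the file through to the terminal, while less -R passes only ANSI color sequences, which is the safer choice when the log contains untrusted input: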

$ ccze -m ansi < build.log > log.txt   # with an intermediate file, say, for large files
$ less -r log.txt

$ ccze -m ansi < build.log | less -r   # no intermediate file
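The token-pattern colorizing described above, as an added sketch that is not ccze's own code: it streams a log line by line and makes control bytes already present in the log visible, so only the color codes it inserts reach the terminal. The rule set, colors and the sample line are assumptions made for illustration.

```python
import re
import sys

# Assumed token patterns and colors for this sketch; ccze's real plugins differ.
RESET = "\x1b[0m"
RULES = [
    (re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b"), "\x1b[36m"),                 # IPv4: cyan
    (re.compile(r"\b(?:error|fail(?:ed|ure)?|denied)\b", re.I), "\x1b[31m"),  # failures: red
    (re.compile(r"\bwarn(?:ing)?\b", re.I), "\x1b[33m"),                      # warnings: yellow
]
# C0 controls (except tab), DEL and C1 controls: none belong in a log line.
CONTROL = re.compile(r"[\x00-\x08\x0a-\x1f\x7f-\x9f]")
# Constructed sample: an sshd-style line carrying an embedded terminal escape sequence.
SAMPLE = "Jan  1 00:00:01 host sshd[42]: Failed password from 192.0.2.7\x1b]0;x\x07\n"


def neutralize(line: str) -> str:
    """Render control bytes already in the log as visible \\xNN text."""
    return CONTROL.sub(lambda m: "\\x%02x" % ord(m.group()), line)


def colorize(line: str) -> str:
    """Neutralize untrusted control bytes, then wrap recognized tokens in color codes."""
    text = neutralize(line.rstrip("\n"))
    spans = []
    for pattern, color in RULES:
        for m in pattern.finditer(text):
            # Ignore a match that overlaps a span claimed by an earlier rule.
            if all(m.end() <= s or m.start() >= e for s, e, _ in spans):
                spans.append((m.start(), m.end(), color))
    out, pos = [], 0
    for start, end, color in sorted(spans):
        out += [text[pos:start], color, text[start:end], RESET]
        pos = end
    out.append(text[pos:])
    return "".join(out)


def colorize_stream(lines):
    """Handle one line at a time so a multi-GB file never sits in memory."""
    for line in lines:
        yield colorize(line)


if __name__ == "__main__":
    sys.stdin.reconfigure(errors="replace")  # tolerate invalid bytes in the log
    for colored in colorize_stream(sys.stdin):
        print(colored)
```

Saved under a hypothetical name such as colorize.py, it can sit in the same pipelines as ccze, for example fed by tail -f or piped into less -R.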

Webpage: ccze