Aside from the bitmap font, this looks pretty much the same as it does now lol
I'll also add I used lnav more recently for viewing logs from many small lab devices centralized via syslog, it was extremely lightweight and effective.
Kinda neat but I had trouble using it. Not sure what it is doing or what it is even showing me. I'd recommend a more CUA-esque interface like turbo vision, the msedit of old, or micro if it had a menu.
If I have to read the manual, if it isn't blindingly obvious how to use, I'd rather just use journal or tail -f.
Also a nitpick but the colors are quite garish, perhaps 256 colors and muted or monochrome effects if possible. For some reason the colors on the site screenshot are less saturated than the one packaged in my distro, fedora, 0.12.4.
In my opinion logfile navigator is much better than grafana, I use grafana to view a lot of microservices docker logs, but it's too tedious for me (even if depends on your specific use case).
This one, on the other hand, is cleaner and lets you find what you're looking for quickly. And, last but not least, is much lighter.
Interesting, I want to try this for debugging our AI gateway when you're routing requests across 20+ LLM providers, the logs get noisy fast. Being able to filter by log level, jump between errors, and run SQL-style queries against structured logs in the terminal sounds like a huge time saver. No more grepping through multi-GB log files.
So, I started it and was doing something but there is no obvious way to exit. I tried Q,q, Ecc, :q.
I tried `man lnav` in separate terminal - but no man page is provided.
`ps` shows 3 processes which would not die with SIGTERM, have to `kill -9`.
But nice web site :)
> but there is no obvious way to exit. I tried Q,q
It's not very responsive during initial indexing, which is something I need to improve. Pressing `q` should work to exit in general, though. Pressing CTRL-C three times in quick succession will force quit it.
It would help to know which version you tried. Things have gotten better over the years.
> I tried `man lnav` in separate terminal - but no man page is provided.
A man page exists, but only contains basic information. The builtin help text is much more extensive and can be viewed by running:
> `ps` shows 3 processes which would not die with SIGTERM, have to `kill -9`.
Older versions of lnav would use readline for the prompt and had to run it in a separate process because of "reasons". More recent versions have a custom prompt and don't require the extra processes.
I've been using klogg and if you're more into GUI's then I think it's the best there is. It opens and searches in log files of many gigabytes with easy. It's a simple and clean multiplatform QT app.
I tried lnav about 7-8 years ago and as a terminal junkie I really liked the features.
The only breaking thing was a huge (almost bloated) memory consumption. At that time lnav basically just kept everything in memory. Does anyone did that change?
According to the linked homepage, the memory usage seems decent (few hundred megs for most use cases when working with a 3.3G logfile). There's a screenshot with various tasks and what the peak memory usage is.
At some point you need to keep quite a large context in memory to have both decent performance and useful features (that aren't unbearably slow to use). lnav seems to land at a reasonable middle ground.
> At that time lnav basically just kept everything in memory.
lnav has never really kept the contents of files in memory. It does build an index of every line in a file. One exception is that it will decompress small gzip files and keep them in memory as a tradeoff from decompressing on the fly.
The memory consumption has never been a problem for me. So, it's not something I've ever focused on.
Yep, I would say the stiffest competition for lnav is the old tools[1]. I would just hope folks could have an open mind and give "new" things a chance (although lnav has been on github for 17 years).
Speaking as the author, I too wish it was written in Rust. But, I started it in 2007 when I needed to get practice with C++ for work. At this point, there's so much code in lnav, rewriting would be a long process. There are some sub-components[1] that are written in Rust though.
A new project called logana[2] is written in Rust and is headed in a good direction. Use/contribute to that if you're really interested.
Just so we're clear, this was more or less a joke!
As far as I'm concerned, lnav is just fine as it is. There's no urgent need to rewrite it.
Why I wrote the comment:
I saw the headline, checked out the website, and thought to myself, “Hey, cool—a new handy tool.”
As is typical for “cool new and handy tools,” these are usually written in Rust these days ;)
That’s why I was “disappointed” (not really).
I didn’t realize until later that lnav was created in 2007.
Again: the tool is great, thanks and kudos to tstack for the work.
Super useful tool but need to be aware that this is reading potentially untrusted input (e.g. in the case of http request logs) and written in c++, so a possible attack vector. I use lnav where I trust the logs, but do wish a safe implementation existed.
Oh yeah! lnav is famous. I remember using it like a decade ago to monitor an array of web servers while at GoDaddy; good ol' times.
First commit is from Sep 13, 2009: https://github.com/tstack/lnav/commit/b4ec432515e95e86ec9d71... . Woah! we’re old.
This is what the UX looked like back in the day: https://github.com/tstack/lnav/commit/bce2caa654160518ec11f6...
Aside from the bitmap font, this looks pretty much the same as it does now lol
I'll also add I used lnav more recently for viewing logs from many small lab devices centralized via syslog, it was extremely lightweight and effective.
Wow, the GitHub mobile app doesn't preview PNGs. TIL
GitHub website does on mobile.
GitHub mobile requires login, sadly.
I'm not seeing them on Chrome on Windows either, but FF works for me.
https://mpryor.github.io/nothing-less/
Kinda neat but I had trouble using it. Not sure what it is doing or what it is even showing me. I'd recommend a more CUA-esque interface like turbo vision, the msedit of old, or micro if it had a menu.
If I have to read the manual, if it isn't blindingly obvious how to use, I'd rather just use journal or tail -f.
Also a nitpick but the colors are quite garish, perhaps 256 colors and muted or monochrome effects if possible. For some reason the colors on the site screenshot are less saturated than the one packaged in my distro, fedora, 0.12.4.
> Kinda neat but I had trouble using it. Not sure what it is doing or what it is even showing me.
Can you elaborate a little more? lnav behaves like a pager with the conventional hotkeys for basic stuff. I'm not sure what else you are expecting.
> Also a nitpick but the colors are quite garish
I enjoy colors, so there's a lot going on by default. There are several themes builtin. You can configure the "grayscale" theme by running:
> ssh playground@demo.lnav.org
Really appreciate this way to demo it quickly, very nice!
Just be aware of the risks! https://security.stackexchange.com/questions/38128/what-are-...
This is almost the thing I want and need. What I need is some sort of TUI grafana - Json log splitter/organizer/finder
In my opinion logfile navigator is much better than grafana, I use grafana to view a lot of microservices docker logs, but it's too tedious for me (even if depends on your specific use case).
This one, on the other hand, is cleaner and lets you find what you're looking for quickly. And, last but not least, is much lighter.
Currently working exactly on that https://gitlab.com/makapuf/treewalker (even if it could always use some love)
A good friend of mine made this: https://github.com/DhruvikDonga/log_analyzer
I use vnlog and feedgnuplot to massage and plot data on the console all the time. It's even less than a tui, but might be what you want.
If you're fine with CLIs, maybe my Kelora project is worth a look. It's a very flexible log processor with built-in scripting: https://kelora.dev
Interesting, I want to try this for debugging our AI gateway when you're routing requests across 20+ LLM providers, the logs get noisy fast. Being able to filter by log level, jump between errors, and run SQL-style queries against structured logs in the terminal sounds like a huge time saver. No more grepping through multi-GB log files.
I wish I had found this earlier. Nothing like looking at thousands of EV charger logs all day to mak you appreciate something like this.
So, I started it and was doing something but there is no obvious way to exit. I tried Q,q, Ecc, :q. I tried `man lnav` in separate terminal - but no man page is provided. `ps` shows 3 processes which would not die with SIGTERM, have to `kill -9`. But nice web site :)
Oof, sorry you had such a bad experience.
> but there is no obvious way to exit. I tried Q,q
It's not very responsive during initial indexing, which is something I need to improve. Pressing `q` should work to exit in general, though. Pressing CTRL-C three times in quick succession will force quit it.
It would help to know which version you tried. Things have gotten better over the years.
> I tried `man lnav` in separate terminal - but no man page is provided.
A man page exists, but only contains basic information. The builtin help text is much more extensive and can be viewed by running:
There is also the documentation website: https://docs.lnav.org/> `ps` shows 3 processes which would not die with SIGTERM, have to `kill -9`.
Older versions of lnav would use readline for the prompt and had to run it in a separate process because of "reasons". More recent versions have a custom prompt and don't require the extra processes.
I don't know how you got it but q and Q closes it, and there is a man page on my system at least.
This looks great.
I've been using klogg and if you're more into GUI's then I think it's the best there is. It opens and searches in log files of many gigabytes with easy. It's a simple and clean multiplatform QT app.
https://github.com/variar/klogg
The problem with GUIs is that AFAIK they need to be installed on the machine the logs you are reading are on so a heavy install on a server.
Qt still runs over X11. You can just have the app and support libs for remote display without a full desktop environment.
Looks very useful, will give it a go.
This resonates with my use of grep+less: https://github.com/tstack/lnav?tab=readme-ov-file#why-not-ju...
A discussion from 3 years ago. https://news.ycombinator.com/item?id=34243520
I tried lnav about 7-8 years ago and as a terminal junkie I really liked the features.
The only breaking thing was a huge (almost bloated) memory consumption. At that time lnav basically just kept everything in memory. Does anyone did that change?
According to the linked homepage, the memory usage seems decent (few hundred megs for most use cases when working with a 3.3G logfile). There's a screenshot with various tasks and what the peak memory usage is.
At some point you need to keep quite a large context in memory to have both decent performance and useful features (that aren't unbearably slow to use). lnav seems to land at a reasonable middle ground.
> At that time lnav basically just kept everything in memory.
lnav has never really kept the contents of files in memory. It does build an index of every line in a file. One exception is that it will decompress small gzip files and keep them in memory as a tradeoff from decompressing on the fly.
The memory consumption has never been a problem for me. So, it's not something I've ever focused on.
Must have tool!
Just out of curiosity, is there a log file viewer that ISN'T for the terminal?
every editor ever :)
I was looking for something like this, Appreciate it!
I've always just used less(1).
Yep, I would say the stiffest competition for lnav is the old tools[1]. I would just hope folks could have an open mind and give "new" things a chance (although lnav has been on github for 17 years).
[1] - https://lnav.org/2013/09/10/competing-with-tail.html
This looks genuinely useful.
This is very helpful
very nice, definitely will use it
It's a nice tool but I really wish the configuration wasn't done in json and loaded from $XDG_CONFIG_HOME.
I'm a little disappointed that it's not written in Rust.
Speaking as the author, I too wish it was written in Rust. But, I started it in 2007 when I needed to get practice with C++ for work. At this point, there's so much code in lnav, rewriting would be a long process. There are some sub-components[1] that are written in Rust though.
A new project called logana[2] is written in Rust and is headed in a good direction. Use/contribute to that if you're really interested.
[1] - https://github.com/tstack/lnav/tree/master/src/third-party/l...
[2] - https://github.com/pauloremoli/logana/
Thanks for the reply and the tip about logana.
As I mentioned in the following comment[1], that was meant more as a joke. Thanks for your work!
[1] - https://news.ycombinator.com/item?id=47514276
How would this improve the functionality of lnav?
Just so we're clear, this was more or less a joke! As far as I'm concerned, lnav is just fine as it is. There's no urgent need to rewrite it.
Why I wrote the comment: I saw the headline, checked out the website, and thought to myself, “Hey, cool—a new handy tool.” As is typical for “cool new and handy tools,” these are usually written in Rust these days ;) That’s why I was “disappointed” (not really).
I didn’t realize until later that lnav was created in 2007.
Again: the tool is great, thanks and kudos to tstack for the work.
I sense an opportunity for you.
Super useful tool but need to be aware that this is reading potentially untrusted input (e.g. in the case of http request logs) and written in c++, so a possible attack vector. I use lnav where I trust the logs, but do wish a safe implementation existed.
Memory safety doesn't mean it's safe. And C++ doesn't mean it's unsafe.
Browsers are in C++, do you not use them? Curl is in C, do you not use it? Kernel is C...
Chrome uses sandboxing and a lot of safe tooling (wuffs, rust) for untrusted data.
curl is heavily fuzzed and you still mostly control what you are downloading unless the target is compromised.
With logs the attacker controls what goes into your logs.
And you don't need to really look very hard, there are a fair number of very recent stack and heap overflows: https://github.com/tstack/lnav/issues?q=is%3Aissue%20heap%20...