| Log File Navigator, or lnav for short, is an advanced log file viewer for small-scale Linux . It's a terminal application that understands your log files, making it easy to find problems, and requires little setup. |
lnav can decompress all compressed log files on the fly and merge them together for a nice display. The display is parsed and formatted according to the type of error/warning - this is helpful for quick browsing of thousands of logs, especially in servers.
Timestamps are very important when analyzing logs. So lnav merges multiple logs based on timestamps, which is very helpful for tracking down system problems.
Most important log file format detections are built-in, see below:
- Common Web Access Log Format
- CUPS page_log
- Syslog
- Hawthorn
- VMware ESXi/vCenter logs
- dpkg.log
- uwsgi
- "Generic" - any message starting with a timestamp
- Strace
- sudo
- GZIP、BZIP
That's not all, lnav also has the following features which make it an important application for Linux systems.
- Filter messages based on regular expressions
- wrong timeline view
- Pretty print view - helpful for reformatting
- Query logs using SQL
- Logs are updated in real time as they are searched
Syntax highlighting via regex (assuming you want to find an IP address in the entire log)
Tab complete any word from the displayed log!
The screenshot above shows a syslog file. Log lines are highlighted. Errors are red, warnings are yellow. To see the features on the screenshots above and learn more, visit this page.
how to install
The latest version of Lnav is 0.10.1.
Under Debian/Ubuntu/LinuxMint you can use the following command to install:
linuxmi@linuxmi:~/www.linuxmi.com$ sudo snap install lnav
Install lnav on RHEL/ CentOS
linuxmi@linuxmi:~/www.linuxmi.com$ sudo yum install lnav
Install lnav on Fedora
linuxmi@linuxmi:~/www.linuxmi.com$ sudo dnf install lnav
Install lnav on openSUSE
linuxmi@linuxmi:~/www.linuxmi.com$ sudo zypper install lnav
[Install lnav on Mageia]
linuxmi@linuxmi:~/www.linuxmi.com$ sudo urpmi lnav
Install lnav on Arch Linux based systems
linuxmi@linuxmi:~/www.linuxmi.com$ yaourt -S lnav
You can also use the compiled binary file (just an executable lnav), which can be run through the terminal after decompression in Ubuntu, Linux Mint, Fedora, RHEL, etc. (./lnav).
How to use
You can execute it without arguments to see the default fileset.
linuxmi@linuxmi:~/www.linuxmi.com$ lnav
Use lnav to view a specific log file
To view a specific log file with lnav , add the log file path after the lnav command . For example we want to see the /var/log/dpkg.log log file. As shown below:
linuxmi@linuxmi:~/www.linuxmi.com$ lnav /var/log/dpkg.log
View multiple log files
linuxmi@linuxmi:~/www.linuxmi.com$ lnav /var/log/dpkg.log /var/log/kern.log
View compressed log files
linuxmi@linuxmi:~/www.linuxmi.com$ lnav -r /var/log/Xorg.0.log.old.gz
Histogram view
First run lnav and press i to switch to/out of histogram view.
View log parser results
First run lnav and then press p to open show log parser results. Use lnav to view a specific log file
To view a specific log file with lnav, add the log file path after the lnav command. For example we want to see the /var/log/dpkg.log log file.
syntax highlighting
You can search for any given string and it will be highlighted on the screen. First run lnav then press / and enter the string you want to find. To test, I searched for the string ubuntu, see the screenshot below.
You can report issues you encounter on GitHub.