tailtales 0.1.7

Flexible log viewer for logfmt and other formats with filtering, filtering expressions, and real-time pipe following.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183

# colors:
#  * black
#  * red
#  * green
#  * yellow
#  * blue
#  * magenta
#  * cyan
#  * gray
#  * darkgray
#  * lightred
#  * lightgreen
#  * lightyellow
#  * lightblue
#  * lightmagenta
#  * lightcyan
#  * white

global:
  reload_on_truncate: false
  colors:
    normal: white black
    highlight: white darkgray
    table:
      header: black lightgreen
    details:
      title: green black
      key: green black
      value: yellow black
      border: green black

# this is the URL to open when press F1. The {} will be replaced with the selected text
help_url: https://duckduckgo.com/?q={}
# help_url: https://www.perplexity.ai/search/new?q={}
# help_url: https://google.com/search/?q={}
# help_url: https://chatgpt.com/?q={}

# If called without any argument, this is what it opens.
# With ! at the begining it will execute the command with the rest of the argumments
default_arguments:
  - "!journalctl"
  - -f
  - --since
  - today

# Uses the file_patterns to determine which rules to apply
# Can be expanded at your ~/.config/tailtales/settings.yaml
rules:
  - name: apache
    file_patterns:
      - access\.log
      - apache/.*\.log
    extractors:
      # Common Log Format, see http://httpd.apache.org/docs/2.0/logs.html#common
      #  127.0.0.1 - frank [10/Oct/2000:13:55:36 -0700] "GET /apache_pb.gif HTTP/1.0" 200 2326
      - pattern <ip> - <user> [<timestamp>] "<method> <url> <protocol>" <status> <bytes>
      - transform timestamp iso8601
    filters:
      - name: errors
        expression: status ~ "5\d\d"
        highlight: white red
      - name: not_found
        expression: status == 404
        gutter: yellow
      - name: successful
        expression: status == 200
        gutter: green
      - name: too big
        expression: bytes > 1000000
      - name: empty requests
        expression: bytes == 0
    columns:
      - name: timestamp
        width: 25
      - name: ip
        width: 15
      - name: method
        width: 5
      - name: url
        width: 30
      - name: protocol
        width: 10
      - name: status
        width: 5
      - name: bytes
        width: 10
        align: right

  - name: dpkg
    file_patterns:
      - dpkg\.log
    extractors:
      - regex (?P<timestamp>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}) (?P<action>startup archives unpack|upgrade|status half-configured|status unpacked|status half installed|status triggers pending|configure)
      - regex (?P<package>[\w\d\.-]+):(?P<arch>\w+) (?P<version>\d.*)
    columns:
      - name: line_number
        width: 6
        align: right
      - name: action
        width: 16
      - name: package
        width: 16
      - name: version
        width: 8

  - name: nginx
    file_patterns:
      - nginx/*.log
    extractors:
      # 127.0.0.1 - - [02/Jan/2024:12:10:46 +0100] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"
      - pattern <ip> - <user> [<timestamp>] "<method> <url> <protocol>" <status> <bytes> "<referer>" "<user_agent>"
      - transform timestamp iso8601
    filters:
      - name: errors
        expression: status ~ "5\d\d"
        color: white red
      - name: not_found
        expression: status == 404
        color: white yellow
      - name: successful
        expression: status == 200
        color: white green
      - name: too big
        expression: bytes > 1000000
      - name: empty requests
        expression: bytes == 0

  - name: json
    file_patterns:
      - .*\.json
    extractors:
      - json
    filters:
      - color: white red
        expression: level == "error"
      - color: white yellow
        expression: level == "warning"
      - color: white green
        expression: level == "info"

  - name: django
    file_patterns:
      - django/.*\.log
    extractors:
      - pattern <timestamp> <level> <module> <message>
      - transform timestamp iso8601
    filters:
      - name: errors
        expression: level == "ERROR"
        highlight: white red
      - name: warnings
        expression: level == "WARNING"
        highlight: white yellow
      - name: infos
        expression: level == "INFO"
        highlight: white green
      - name: debug
        expression: level == "DEBUG"
        highlight: white blue

  - name: journald
    file_patterns:
      - /var/log/journal/
    extractors:
      - journald

  - name: default
    file_patterns:
      - ".*"
    extractors:
      - logfmt
      # - json
      - regex (?P<timestamp>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})
      - regex (?P<timestamp>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{3}Z)
      - regex (?P<level>info|warning|error|debug|warn)
      - regex (?P<date>\d{4}-\d{2}-\d{2})
      - regex (?P<what>status|upgrade|startup)
    columns:
      - name: line_number
        align: right
        width: 5
      - name: timestamp
        width: 19