lnav-zero-in-problems

Excellent Utilities: lnav – the log file navigator

This is the second in a new series highlighting best-of-breed utilities. We’ll be covering a wide range of utilities including tools that boost your productivity, help you manage your workflow, and lots more besides. For this article, we’ll put lnav under the spotlight.

lnav is a curses-based utility for viewing and analyzing log files. The software is designed to extract useful information from log files, making it easy to perform advanced queries. Think of lnav as an enhanced log file viewer.

For many years system and kernel logs were handled by a utility called syslogd. Most Linux-based operating systems have since moved to systemd, which has a journal. That’s a giant log file for the whole system. Various software and services write their log entries into systemd’s journalctl. lnav can consume the JSON version of journalctl’s output. And it supports a wide range of other log formats. For systems running systemd-journald, you can also use lnav as the pager.

We included a couple of log analyzers in our Essential System Tools feature. And lnav wouldn’t be totally out of place in that feature. lnav is optimized for small-scale deployments.

Installation

The developers provide a generic 64-bit statically linked binary, as well as statically linked 64-bit binaries for RPM and DEB package formats. There’s also a snap available.

As the full source code is available, you can compile and install the software yourself.

$ git clone https://github.com/tstack/lnav.git
$ cd lnav
$ ./autogen.sh
$ ./configure
$ make -j4
$ sudo make install

The configure command didn’t initially work, as our Ubuntu system was bizarrely missing libsqlite3-dev. Installing that package with the command fixed the issue.

$ sudo apt install libsqlite3-dev

One word about the make command, the -j flag tells make that it’s instructed to spawn the provided amount of ‘threads’. Ideally each thread is executed on its own core/CPU, so your multi-core/CPU machine is used to its maximum. This speeds up compilation.

There’s no setup or configuration for lnav, and it automatically detects most log formats, so you only need to point this tool at the logfile you want to investigate.

Next page: Page 2 – In Operation

Pages in this article:
Page 1 – Introduction / Installation
Page 2 – In Operation
Page 3 – Other Features
Page 4 – Summary


Complete list of articles in this series:

Excellent Utilities
tmuxA terminal multiplexer that offers a massive boost to your workflow
lnavAdvanced log file viewer for the small-scale; great for troubleshooting
PaperworkDesigned to simplify the management of your paperwork
AbricotineMarkdown editor with inline preview functionality
mdlessFormatted and highlighted view of Markdown files
fkillKill processes quick and easy
TuskAn unofficial Evernote client with bags of potential
UlauncherSublime application launcher
McFlyNavigate through your bash shell history
LanguageToolStyle and grammar checker for 30+ languages
pecoSimple interactive filtering tool that's remarkably useful
Liquid PromptAdaptive prompt for Bash & Zsh
AnanicyShell daemon created to manage processes’ IO and CPU priorities
cheat.shCommunity driven unified cheat sheet
ripgrepRecursively search directories for a regex pattern
exaA turbo-charged alternative to the venerable ls command
OCRmyPDFAdd OCR text layer to scanned PDFs
WatsonTrack the time spent on projects
fontpreviewQuickly search and preview fonts
fdWonderful alternative to the venerable find
Share this article

Share your Thoughts

This site uses Akismet to reduce spam. Learn how your comment data is processed.