Querying Log Files
  • Dark
    Light
  • PDF

Querying Log Files

  • Dark
    Light
  • PDF

Using GREP or Similar Command Line Tools

The log files can be queried using basic command line tools such as grep to search the file for a given pattern. For example, if a user wanted to find any API requests made by a user named admin for the logfile named webserver.log, they could use the following command:

grep '"remote_user":"admin"' webserver.log

In order to retrieve all the times a user has made a request to a specific route, such as GET /health/system for example, they could use the following command:

grep -E '"url":"/health/system"' webserver.log | grep '"verb":"GET"'

There are many other ways grep and similar command line tools can be used to query information from the JSON logs. Since all data values are preceded by a key, such as url or remote_user, it is possible to do standard queries on any value.

Using Third-Party Visualization Tools

The log format used by the access log should work with various third-party tools which support a standard JSON log format. These can be used for more advanced queries or visualization of logging information.