分析 log
- gitHub: https://github.com/tstack/lnav
安裝
sudo apt install lnav
使用方式
查看壓縮的日誌檔案:
lnav -r /var/log/Xorg.0.log.old.gz
從標準輸入讀取
journalctl -f | lnav
- sql 模式
按下 分號 ; 即可進入
SELECT * FROM all_logs;
查詢做有的 table
.schema 可以知道所有的 table
SELECT name FROM sqlite_master WHERE type='table';
圖表功能
- 直方圖 (Histogram) 視圖 (i 鍵):
HIST ❭
Thu Jun 05 02:20:00 192 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 02:25:00 30 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 11:55:00 3,000 normal 53 errors 9 warnings 0 marks │
Thu Jun 05 12:00:00 10 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:05:00 17 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:10:00 109 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:15:00 10 normal 6 errors 0 warnings 0 marks │
Thu Jun 05 12:20:00 190 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:25:00 26 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:30:00 6 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:40:00 6 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:45:00 1 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:50:00 6 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 12:55:00 30 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 13:00:00 6 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 13:05:00 67 normal 2 errors 2 warnings 0 marks │
Thu Jun 05 13:10:00 6 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 13:15:00 4 normal 4 errors 0 warnings 0 marks │
Thu Jun 05 13:20:00 10 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 13:25:00 30 normal 2 errors 0 warnings 0 marks │
Thu Jun 05 13:30:00 8 normal 2 errors 0 warnings 0 marks │
Thu Jun 05 13:35:00 2 normal 4 errors 0 warnings 0 marks │
Thu Jun 05 13:40:00 55 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 13:50:00 6 normal 0 errors 0 warnings 0 marks │
Thu Jun 05 13:55:00 71 normal 0 errors 0 warnings 0 marks │