yannweb
/
ttail
Watch 2
Star 1
Fork 0
Code Issues 3 Pull Requests 0 Releases 2 Activity
Labels Milestones
New Issue

#9 Unable to detect date format from nginx log files

Closed
opened 7 years ago by matorban · 1 comments
matorban commented 7 years ago

HOST - - [29/Sep/2015:19:52:02 +0200] “GET http://blabla HTTP/1.1” 200 4551 “-” “sfFeedReader/0.9”

This kind of format (nginx servor log) seems to not support by ttail. I get some huge anonymize log for test..

HOST - - [29/Sep/2015:19:52:02 +0200] "GET http://blabla HTTP/1.1" 200 4551 "-" "sfFeedReader/0.9" This kind of format (nginx servor log) seems to not support by ttail. I get some huge anonymize log for test..
yannweb referenced this issue from a commit 7 years ago
Fix #9 add nginx date format to ttail.h
yannweb closed 7 years ago
yannweb commented 7 years ago
Owner

Thank’s for the comment.

In fact ttail was not able to autodetect nginx date format. But the programm should work using those options : 

ttail -Er “^[^[]+[” -f “%d/%B/%Y:%H:%M:%S” -d “#-1h” /path/to/logs/access.log

There was 2 reason for autodetection not working problem :

  • the format “%d/%B/%Y:%H:%M:%S” is not in the list of format that ttail will try when autodetecting formats
  • there is a prefix before the date

I added the “%d/%B/%Y:%H:%M:%S” to the list of formats (in src/include/ttail.h ), but you will still have to give the -E -r prefix arguments !

Thank's for the comment. In fact ttail was not able to autodetect nginx date format. But the programm should work using those options : <pre> ttail -Er "^[^\[]+\[" -f "%d/%B/%Y:%H:%M:%S" -d "#-1h" /path/to/logs/access.log </pre> There was 2 reason for autodetection not working problem : - the format "%d/%B/%Y:%H:%M:%S" is not in the list of format that ttail will try when autodetecting formats - there is a prefix before the date I added the "%d/%B/%Y:%H:%M:%S" to the list of formats (in src/include/ttail.h ), but you will still have to give the -E -r prefix arguments !
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
bug duplicate enhancement help wanted invalid question wontfix
No Label
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
Milestone
Clear milestone
No Milestone
Assignees
Clear assignees
No Assignees
2 Participants
Due Date

No due date set.

Dependencies

This issue currently doesn't have any dependencies.

Write Preview
Loading…
Cancel
Save
There is no content yet.
Delete Branch '%!s(MISSING)'

Deleting a branch is permanent. It CANNOT be undone. Continue?

No
Yes