Like the command-line tool 'grep', this tool searches across log files to extract lines matching the provided pattern(s). The benefits of using this tool over grep are its ability to handle multi-line log messages, extract log messages within a given time range, and the inclusion of rotated log files.
search-logs loopback
search-logs --useRegex --logFile ../logs/access --excludeRotated \ --matchAny "resultCode=[1-9]" 'etime=\d{4,}'
search-logs --startTime "[01/Jul/2015:00:00:00.000 -0000]" \ --endTime "[31/Jul/2015:11:59:59.999 -0000]" error
search-logs --startTime 2016-07-01T00:00:00.000-0000 \ --endTime 2016-07-31T11:59:59.999-0000 error
search-logs --startTime access.20150723193136Z --endTime access.20150723193138Z \ error
search-logs conn=1001 op=42
-V
--version
Description | Display Directory Server version information |
-H
--help
Description | Display general usage information |
--help-debug
Description | Display help for using debug options |
Advanced | Yes |
-f {/path/to/file}
--logFile {/path/to/file}
Description | Path to log file to search. All logs defined in configuration are searched by default |
Required | No |
Multi-Valued | Yes |
--encryptionPassphraseFile {path}
Description | The path to a file that contains the passphrase needed to decrypt any encrypted log files that are encountered. If encrypted data is encountered and this is not provided, then the tool will interactively prompt for the encryption passphrase. If a passphrase file is provided, then it must contain exactly one line that consists entirely of the passphrase |
Required | No |
Multi-Valued | No |
-d {/path/to/dir}
--logDir {/path/to/dir}
Description | Path to directory with log files to search. Cannot be used at the same time as logFile |
Required | No |
Multi-Valued | Yes |
--excludeRotated
Description | Will not search through rotated logs |
--startTime {timestamp}
Description | Only include log messages starting at and after the given time. This can be paired with the --endTime option to restrict matched log lines to a time range. The two major formats are the standard log format of [dd/MMM/yyyy:HH:mm:ss Z] and the JSON format of yyyy-MM-dd'T'hh:mm:ssZ, where Z is a valid time zone offset. Both formats support millisecond resolution by writing .SSS after the seconds field. Additionally, rotated log file names may be used as a timestamp. ex: --startTime access.20150723193137Z |
Required | No |
Multi-Valued | No |
--endTime {timestamp}
Description | Only include log messages ending at and before the given time. This can be paired with the --startTime option to restrict matched log lines to a time range. The two major formats are the standard log format of [dd/MMM/yyyy:HH:mm:ss Z] and the JSON format of yyyy-MM-dd'T'hh:mm:ssZ, where Z is a valid time zone offset. Both formats support millisecond resolution by writing .SSS after the seconds field. Additionally, rotated log file names may be used as a timestamp. ex: --endTime access.20150723193137Z |
Required | No |
Multi-Valued | No |
-e
--useRegex
Description | Search arguments will be treated as regular expressions in the format provided by the java.util.regex.Pattern class. Arguments must be enclosed in quotes |
--matchAny
Description | Returns log messages that contain any of the defined search patterns. Default behavior is to return log messages that match every defined search pattern |
-v {pattern}
--excludePattern {pattern}
Description | Returns log messages that do not match the following search patterns. Can be combined with a positive search |
Required | No |
Multi-Valued | Yes |
--excludeAny
Description | Excludes log messages that match any of the exclude patterns. The default is to exclude messages that match all of the exclude patterns |
-i
--ignoreCase
Description | Search patterns are case sensitive by default. Use this argument to make searches case insensitive. File names will always be case sensitive |
--maxLines {integer}
Description | Number of lines to read from a log before moving onto the next one. Use this with large log files to limit the size of the output |
Lower Bound | 1 |
Required | No |
Multi-Valued | No |
-B {integer}
--beforeContext {integer}
Description | Include this many lines of context before any log message that is printed |
Lower Bound | 0 |
Required | No |
Multi-Valued | No |
-h
--noFileName
Description | Do not include filename: prefix when printing a log |