Skip to content

WebberHuang1118/sb-log-analyzer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
README.md
README.md
 
 
log-analyze-and-sort.sh
log-analyze-and-sort.sh
 
 
log_analyzer_gui.py
log_analyzer_gui.py
 
 
run-gui.sh
run-gui.sh
 
 

Repository files navigation

sb-log-analyzer

A Bash script to search for log lines matching a string in files under a support bundle directory, sort them by timestamp, and write the results to an output file. It can also filter lines from an existing file by removing lines containing specified strings.

GUI

If using the CLI directly is awkward, there is now a small desktop GUI that wraps the same script and options.

Run either of these from the repository root:

python3 log_analyzer_gui.py
./run-gui.sh

If tkinter is missing, install the platform package first. On openSUSE/SLES this is:

sudo zypper install python3-tk

The GUI includes:

  • Search and sort mode with support bundle picker, pod annotation toggle, sort order, and output file picker.
  • Filter-only mode with input/output file pickers and in-place filtering support.
  • A command preview so you can still see the exact script invocation being generated.
  • A live output panel showing the script's stdout and stderr.

Usage

./log-analyze-and-sort.sh [--sb-path <sb_path>] [--annotate-pods] <search_string> <file_patterns> <exclude_string> <output_file>
    (search & sort mode)

./log-analyze-and-sort.sh --filter-only <input_file> <remove_list> <output_file>
    (filter-only mode)
  • --sb-path <sb_path>: Path to the support bundle directory (required for search mode).
  • --annotate-pods: Enable pod owner and node annotation for logs from any Kubernetes namespace (dynamically discovered).
  • search_string: Literal string to match inside files.
  • file_patterns: Comma-separated filename globs (e.g. '*foo*,*bar*'). Use '*' to match all files.
  • exclude_string: Literal string; any matched line containing this will be excluded. Use '' to disable.
  • output_file: File to write the time-sorted matches into.
  • input_file: (filter-only mode) File to filter lines from.
  • remove_list: (filter-only mode) Comma-separated list of strings; lines containing any will be removed.

Environment Variables

  • SORT_ORDER=asc|desc (default: asc)
    • asc: Sort from oldest to newest.
    • desc: Sort from newest to oldest.

Features

  • Search & sort mode:
    • Searches for files matching the given patterns under logs/ in the support bundle directory.
    • Finds lines containing the search string.
    • Excludes lines containing the exclude string (if provided).
    • Sorts the results by timestamp (ISO8601 format required in log lines).
    • When --annotate-pods is used, for log files under /logs/<namespace>/<pod>/, prepends [namespace/owner node]: to each line using pod info extracted from YAML manifests in the support bundle.
    • Pod information is extracted on-demand with caching and supports any Kubernetes namespace (not just longhorn-system).
    • Pod manifest files are discovered dynamically from multiple possible locations:
      • $sb_path/yamls/namespaced/<namespace>/v1/pods.yaml (primary)
      • $sb_path/yamls/<namespace>/pods.yaml
      • $sb_path/manifests/<namespace>/pods.yaml
      • $sb_path/objects/<namespace>/pods.yaml
    • If pod info is not found, falls back to [namespace]: format.
    • Adds blank lines between log entries and collapses multiple blank lines into a single blank line.
  • Filter-only mode:
    • Removes lines containing any string in remove_list.
    • Collapses blank lines.
    • Supports in-place filtering if input and output files are the same.

Examples

Search & sort mode:

./log-analyze-and-sort.sh --sb-path /path/to/support-bundle --annotate-pods my-search-term '*longhorn-csi-plugin*,*longhorn-manager*' 'Request (user: system:serviceaccount:longhorn-system:longhorn-service-account' ./sorted.log

This will:

  • Search for files matching *longhorn-csi-plugin* or *longhorn-manager* under /path/to/support-bundle/logs/.
  • Find lines containing my-search-term.
  • Exclude lines containing the specified exclude_string.
  • Sort the results by timestamp and write to ./sorted.log.
  • For log files under /logs/<namespace>/<pod>/, prepend [namespace/owner node]: to each line using pod info extracted from YAML manifests.

Filter-only mode:

./log-analyze-and-sort.sh --filter-only ./sorted.log 'foo,bar,baz' ./filtered.log

This will:

  • Remove lines containing foo, bar, or baz from ./sorted.log.
  • Collapse blank lines.
  • Write the result to ./filtered.log.
  • If input and output files are the same, filtering is done safely in-place.

Environment variable usage:

SORT_ORDER=desc ./log-analyze-and-sort.sh --sb-path /path/to/support-bundle error '*longhorn*' '' ./errors.log

This will sort results from newest to oldest instead of the default oldest to newest.

For more details, see comments in the script file.

About

A Bash script to search for log lines matching a string in files under a directory, sort them by timestamp, and write the results to an output file. It can also filter lines from an existing file by removing lines containing specified strings.

Resources

Readme
Activity

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages