Elastic Log CLI
CLI for streaming logs from Elasticsearch to a terminal.
Installation
This project is not currently packaged and so must be installed manually.
Clone the project with the following command:
git clone https://github.com/jacksmith15/elastic-log-cli.git
Configuration
The following environment variables are used to configure the tool. For secure, easy selection of target clusters, a tool like envchain is recommended.
ELASTICSEARCH_URL
Required
URL of the Elasticsearch cluster containing logs. You can also provide an Elastic Cloud ID by prefixing it with cloud:
ELASTICSEARCH_USERNAME
Optional
Username for the Elasticsearch cluster containing logs.
ELASTICSEARCH_PASSWORD
Optional
Password for the Elasticsearch cluster containing logs.
ELASTICSEARCH_AUTH_MODE
Optional, default value: basicauth
Whether to authenticate using Basic Auth or an API Key. If using apikey, provide the key as follows:
ELASTICSEARCH_USERNAME=${APIKEY_NAME}
ELASTICSEARCH_PASSWORD=${APIKEY_KEY}
Possible values: basicauth, apikey
ELASTICSEARCH_TIMEOUT
Optional, default value: 40
How long to wait on Elasticsearch requests.
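A pre-flight check for the variables above, as an added example that is not part of the elastic-log-cli code base. The function name check_config, the rules about plaintext http and URL-embedded credentials, and the treatment of the timeout as a positive number are assumptions of this example, not documented behaviour of the tool.

```python
import os
from urllib.parse import urlsplit

AUTH_MODES = {"basicauth", "apikey"}  # the two values listed in the configuration above


def check_config(env):
    """Return a list of problems found in the ELASTICSEARCH_* settings (hypothetical helper)."""
    problems = []
    url = env.get("ELASTICSEARCH_URL", "")
    user = env.get("ELASTICSEARCH_USERNAME", "")
    password = env.get("ELASTICSEARCH_PASSWORD", "")
    mode = env.get("ELASTICSEARCH_AUTH_MODE", "basicauth")
    timeout = env.get("ELASTICSEARCH_TIMEOUT", "40")

    if not url:
        problems.append("ELASTICSEARCH_URL is required")
    elif url.startswith("cloud:"):
        if not url[len("cloud:"):]:
            problems.append("cloud: prefix given without a Cloud ID")
    else:
        parts = urlsplit(url)
        if parts.scheme not in ("http", "https") or not parts.hostname:
            problems.append("ELASTICSEARCH_URL is not an http(s) URL")
        if parts.username or parts.password:
            problems.append("credentials embedded in ELASTICSEARCH_URL")
        if parts.scheme == "http" and (user or password):
            problems.append("credentials would be sent over plaintext http")

    if mode not in AUTH_MODES:
        problems.append("ELASTICSEARCH_AUTH_MODE must be basicauth or apikey")
    if bool(user) != bool(password):
        problems.append("set both USERNAME and PASSWORD, or neither")
    if mode == "apikey" and not (user and password):
        problems.append("apikey mode needs the key name and key in USERNAME/PASSWORD")
    try:
        if not float(timeout) > 0:  # assumption: timeout is a positive number
            raise ValueError
    except ValueError:
        problems.append("ELASTICSEARCH_TIMEOUT must be a positive number")
    return problems


if __name__ == "__main__":
    # Reports on the current environment, e.g. when run under envchain.
    for problem in check_config(os.environ):
        print("config:", problem)
```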
Usage
Usage: elastic-logs [OPTIONS] QUERY
  Stream logs from Elasticsearch.
  Accepts a KQL query as its only positional argument.
Options:
  -p, --page-size INTEGER RANGE  The number of logs to fetch per page  [x>=0]
  -i, --index TEXT               The index to target. Globs are supported.
  -s, --start TEXT               When to begin streaming logs from.
  -e, --end TEXT                 When to stop streaming logs. Omit to
                                 continuously stream logs until interrupted.
  --source CSV                   Source fields to retrieve, comma-separated.
                                 Default behaviour is to fetch full document.
  -t, --timestamp-field TEXT     The field which denotes the timestamp in the
                                 indexed logs.
  --version                      Show version and exit.
  --help                         Show this message and exit.
Example
elastic-logs \
--start 2022-03-05T12:00:00 \
--end 2022-03-05T13:00:00 \
--source time,level,message,error \
--index filebeat-7.16.2 \
--timestamp-field time \
'level:ERROR and error.code:500'
KQL support
The following KQL features are not yet supported:
- Wildcard fields, e.g. *:value or machine.os*:windows 10
- Prefix matching, e.g. machine.os:win*
Development
Install dependencies:
pyenv shell 3.10.x
pre-commit install # Configure commit hooks
poetry install # Install Python dependencies
Run tests:
poetry run inv verify
License
This project is distributed under the MIT license.
Hashes for elastic_log_cli-0.1.0-py3-none-any.whl
Algorithm | Hash digest
---|---
SHA256 | f60d7c771b312ce1aca71c3076cb53dfd1f2359c394f72cc8c0a241d9c38410d
MD5 | 548b063a0222dc3f5c66388f871e8c4a
BLAKE2b-256 | 15de40239be0e5297268b7ac1268d1d28e972ea20d5462812b7a4717229dbe5f