{"id":14981095,"url":"https://github.com/eht16/lstail","last_synced_at":"2025-10-29T04:31:43.867Z","repository":{"id":62577058,"uuid":"231070462","full_name":"eht16/lstail","owner":"eht16","description":"Logstash command line query tool, a bit like tail for Logstash/ElasticSearch","archived":false,"fork":false,"pushed_at":"2023-01-14T11:57:16.000Z","size":189,"stargazers_count":6,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-01T22:01:42.858Z","etag":null,"topics":["cli","elasticsearch","logstash","python"],"latest_commit_sha":null,"homepage":"https://lstail.org/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/eht16.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-12-31T10:20:15.000Z","updated_at":"2023-01-24T07:10:58.000Z","dependencies_parsed_at":"2023-02-09T19:31:20.542Z","dependency_job_id":null,"html_url":"https://github.com/eht16/lstail","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eht16%2Flstail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eht16%2Flstail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eht16%2Flstail/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/eht16%2Flstail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/eht16","download_url":"https://codeload.github.com/eht16/lstail/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238768422,"owners_count":19527197,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cli","elasticsearch","logstash","python"],"created_at":"2024-09-24T14:02:54.732Z","updated_at":"2025-10-29T04:31:38.531Z","avatar_url":"https://github.com/eht16.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"Lstail\n======\n\n[![PyPI](https://img.shields.io/pypi/v/lstail.svg)](https://pypi.org/project/lstail/)\n[![Documentation Status](https://readthedocs.org/projects/lstail/badge/?version=latest)](https://lstail.org/)\n[![Python Versions](https://img.shields.io/pypi/pyversions/lstail.svg)](https://pypi.org/project/lstail/)\n[![License](https://img.shields.io/pypi/l/lstail.svg)](https://pypi.org/project/lstail/)\n\n\nA command line tool to query log events from ElasticSearch,\na bit like tail for Logstash/ElasticSearch.\n\nLstail queries ElasticSearch for log events and displays\nthem on the terminal. Saved Searches from Kibana can be used\nfor quick access to filters and prepared column configuration.\nFor more details and usage examples please see the\ndocumentation at https://lstail.org/.\n\n\nFeatures\n--------\n\n  * Follow mode like in `tail -f`\n  * CSV output / export\n  * Can read Saved Searches from ElasticSearch and use their\n    filters and column setup\n  * Flexible configurable output of columns, colors and padding\n  * Can be proxied through Kibana if not direct ElasticSearch connection is possible\n  * Works with ElasticSearch 2.x - 7.x\n  * Made with Python and love\n\n![lstail usage demonstration](docs/lstail-demo.svg)\n\n\nInstallation\n------------\n\nLstail requires Python 3.9 or newer.\nThe easiest method is to install directly from pypi using pip:\n\n    pip install lstail\n\n\nIf you prefer, you can download lstail and install it\ndirectly from source:\n\n    python setup.py install\n\n\nGet the Source\n--------------\n\nThe source code is available at https://github.com/eht16/lstail/.\n\n\nSetup\n-----\n\nBefore using Lstail, you need to create a config file called `lstail.conf`.\nLstail will search for `lstail.conf` in the following locations (in that order):\n\n  - /etc/lstail.conf\n  - ~/.config/lstail.conf\n  - lstail.conf (in current working directory)\n\nAlternatively, you can specify the name of the config file to be read\nusing the `--config` command line parameter.\n\nAn example config file can be found in the sources or online\nat https://raw.githubusercontent.com/eht16/lstail/main/lstail-example.conf.\nThe important part to modify in the config file is the `server` section\nwhich must be edited to point to your ElasticSearch instance to query\ndata from.\n\nFor details on all configuration options, please see the documentation:\nhttps://lstail.org/.\n\n\nUsage\n-----\n\nDisplay events (from the configured index pattern) since ten minutes:\n\n    lstail -r 10m\n\nDisplay the last 20 events (from the configured index pattern):\n\n    lstail -n 20\n\nDisplay all events matching the given query:\n\n    lstail -q 'host: google.com'\n\nList Saved Searches from Kibana:\n\n    lstail -l\n\nDisplay and follow events using the Saved Search \"Syslog\" (use Ctrl-C to interrupt):\n\n    lstail -s Syslog -f\n\nOverwrite search query for Saved Search \"Syslog\" (i.e. ignore the query stored\nin the Saved Search but use the configured columns):\n\n    lstail -s Syslog -q program:cron\n\n\nCommand line options\n--------------------\n\n    usage: lstail [-h] [-V] [-d] [-v] [-c FILE] [-f] [-l] [-H] [--csv]\n                  [-n NUM] [-q QUERY] [-r RANGE] [-s NAME] [--select-saved-search]\n\n    optional arguments:\n      -h, --help            show this help message and exit\n      -V, --version         show version and exit (default: False)\n      -d, --debug           enable tracebacks (default: False)\n      -v, --verbose         Show own log messages (default: False)\n      -c FILE, --config FILE\n                            configuration file path (default: None)\n      -f, --follow          Constantly fetch new data from ElasticSearch (default: False)\n      -l, --list-saved-searches\n                            List all saved searches from Kibana (default: False)\n      -H, --no-header       Do not print header line before the output (default: False)\n      --csv                 Use CSV (comma separated) output (default: False)\n      -n NUM, --lines NUM   Output the last NUM lines, instead of the last 10 (default: None)\n      -q QUERY, --query QUERY\n                            Set/Overwrite the search query (use Lucene query syntax) (default: None)\n      -r RANGE, --range RANGE\n                            Query events from the last RANGE minutes(m)/hours(h)/days(d) (default: None)\n      -s NAME, --saved-search NAME\n                            Saved search title as stored in Kibana (\"-\" to select from a list) (default: None)\n      --select-saved-search\n                            Interactively select a saved search from a list (default: False)\n\n\nContributing\n------------\n\nFound a bug or got a feature request? Please report it at\nhttps://github.com/eht16/lstail/issues.\n\n\nAuthor\n------\n\nEnrico Tröger \u003cenrico.troeger@uvena.de\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feht16%2Flstail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Feht16%2Flstail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Feht16%2Flstail/lists"}