{"id":13608508,"url":"https://github.com/sivasamyk/logtrail","last_synced_at":"2025-05-15T11:06:01.356Z","repository":{"id":39617618,"uuid":"49450930","full_name":"sivasamyk/logtrail","owner":"sivasamyk","description":"Kibana plugin to view, search \u0026 live tail log events","archived":false,"fork":false,"pushed_at":"2023-12-30T06:37:46.000Z","size":4081,"stargazers_count":1395,"open_issues_count":87,"forks_count":184,"subscribers_count":33,"default_branch":"master","last_synced_at":"2025-05-05T12:47:26.264Z","etag":null,"topics":["elasticsearch","event-viewer","kibana","log-viewer","logging","logstash","papertrail","syslog"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sivasamyk.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2016-01-11T20:02:19.000Z","updated_at":"2025-04-12T09:09:36.000Z","dependencies_parsed_at":"2024-01-15T09:58:33.000Z","dependency_job_id":"92f92b99-fca5-4e27-b598-6c178d8b8371","html_url":"https://github.com/sivasamyk/logtrail","commit_stats":{"total_commits":326,"total_committers":19,"mean_commits":"17.157894736842106","dds":"0.24846625766871167","last_synced_commit":"877329b7936f4a78bc37d621ed80a61cd28310ea"},"previous_names":[],"tags_count":33,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sivasamyk%2Flogtrail","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sivasamyk%2Flogtrail/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sivasamyk%2Flogtrail/release
s","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sivasamyk%2Flogtrail/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sivasamyk","download_url":"https://codeload.github.com/sivasamyk/logtrail/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254328385,"owners_count":22052632,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["elasticsearch","event-viewer","kibana","log-viewer","logging","logstash","papertrail","syslog"],"created_at":"2024-08-01T19:01:27.823Z","updated_at":"2025-05-15T11:06:01.327Z","avatar_url":"https://github.com/sivasamyk.png","language":"JavaScript","readme":"# LogTrail - Log Viewer plugin for Kibana (DEPRECATED)\n\n[![Github All Releases](https://img.shields.io/github/downloads/sivasamyk/logtrail/total.svg)](https://github.com/sivasamyk/logtrail/releases) [![Kibana 7.9.2](https://img.shields.io/badge/Kibana-v7.9.2-blue.svg)](https://www.elastic.co/guide/en/kibana/7.5/release-notes-7.9.2.html)\n[![License](https://img.shields.io/github/license/sivasamyk/logtrail.svg)](https://github.com/sivasamyk/logtrail) ![maintenance-status](https://img.shields.io/badge/maintenance-deprecated-red.svg)\n\n**This plugin is no longer maintained. 
Please use the built-in [tail logs](https://www.elastic.co/guide/en/observability/current/tail-logs.html) feature in Kibana.**\n\nLogTrail is a plugin for Kibana to view, analyze, search, and tail log events from multiple hosts in realtime with DevOps friendly interface inspired by [Papertrail](https://papertrailapp.com/).\n\n![Events](screenshot.png)\n\nFeatures\n--------\n - View, analyze, and search log events from a centralized interface\n - Clean \u0026 simple DevOps friendly interface\n - Live tail\n - Filter aggregated logs by hosts and program\n - Quickly seek to logs based on time\n - Supports highlighting of search matches\n - Supports multiple Elasticsearch index patterns each with different schemas\n - Can be extended by adding additional fields to log event\n - Color coding of messages based on field values\n - Powerful search using [Lucene query syntax](https://www.elastic.co/guide/en/kibana/current/lucene-query.html)\n\nInstallation\n------------\n- Prerequisites\n  - Download and install Elasticsearch and Kibana\n  - Logtrail is supported and tested with Kibana 6.x and 5.x\n- Install logtrail plugin (requires a restart of Kibana after install)\n  - Kibana 7.9.2 : `./bin/kibana-plugin install https://github.com/sivasamyk/logtrail/releases/download/v0.1.31/logtrail-7.9.2-0.1.31.zip`\n  - Kibana 5.6.5 : `./bin/kibana-plugin install https://github.com/sivasamyk/logtrail/releases/download/v0.1.23/logtrail-5.7.9.2.1.23.zip`\n  - Other versions : [https://github.com/sivasamyk/logtrail/releases](https://github.com/sivasamyk/logtrail/releases)\n- Kibana requires an exact match of the plugin version to the Kibana version. 
If you can't find the logtrail plugin release for a Kibana release, follow the instructions [here](docs/how_to.md#2-update-kibanaversion-in-logtrail-plugin-archive) to update the Kibana version in your logtrail plugin archive.\n- Refer to the [Logtrail Config Examples Repo](https://github.com/sivasamyk/logtrail-config-examples) for sample configurations for syslog, Java app, and Kubernetes logs.\n\nConfiguration\n-------------\n- Logtrail can be configured by editing the following fields in the `logtrail.json` file located inside the `./plugins/logtrail` directory.\n- `default_index` - Elasticsearch index where the syslog events are stored (default: logstash-*)\n- `default_time_range_in_days` - Default time range in days to search when time is not specified using Seek button.\n    Example: A value of 30 means logtrail will search only in logs from the last 30 days unless time is specified using the Seek button.\n    A value of 0 means logtrail will search in all available logs by default.\n- `display_timezone` - Timezone to display the timestamp in Event Viewer. e.g. `America/Los_Angeles`. The default value of `local` will use the timezone of the browser. The time specified in `Seek To` popup will always use browser timezone.\n- `display_timestamp_format` - Format to display the timestamp in Event Viewer. For a list of valid values refer [here](http://momentjs.com/docs/#/displaying/)\n- `default_search` - if specified, this will be applied as default search text while launching logtrail. The value can be any search text. e.g. `ssh` - shows all logs with `ssh` in the message field. or `log_level:SEVERE` - shows all logs where `log_level` field is `SEVERE`. The field name should be a valid field in the Elasticsearch document. The default search field is the field mapped to `message`.\n- `fields` - Edit this parameter to map the event fields in ES to logtrail fields\n    - `timestamp` - maps to @timestamp field inserted by logstash. This will be used for querying internally. 
Logtrail recommends @timestamp to be stored in UTC in ES.\n    - `hostname` - hostname from where the events were received. Also used by hostname filter. The hostname field should be of type `keyword`. For more info check out [Hostname field need to be of type keyword](docs/how_to.md#1-hostname-field-need-to-be-of-type-keyword)\n    - `program` - program that generated this event.\n    - `message` - actual event message. This field will be used by search.\n- Example:  If the event fields names are @timestamp, host, process, message the mapping should be\n```json\n\"mapping\" : {\n        \"timestamp\" : \"@timestamp\",\n        \"hostname\" : \"host\",\n        \"program\": \"process\",\n        \"message\": \"message\"\n    }\n```\n- By default each line displayed in the events view is of format:\n  `display_timestamp hostname program:message`\n- `message_format` - Used to add additional fields to be shown for log event. For more details refer [Adding additional fields](docs/add_fields.md)\n- `keyword_suffix` - Specifies the keyword suffix to be appended for hostname \u0026 program fields. Set it to empty string (`\"\"`) to not append any suffix. If not specified (`undefined`) logtrail will append `keyword`.\n- `color_mapping` - Color code messages based on field values. For more details refer [Color coding messages](docs/color_mapping.md)\n- Any changes in `logtrail.json` require a restart of Kibana\n- Logtrail can read `logtrail.json` configuration from Elasticsearch instead of the filesystem. This will be useful when sharing the same configuration across multiple installations. 
For more info refer [Load Logtrail configuration from Elasticsearch](https://github.com/sivasamyk/logtrail/blob/master/docs/how_to.md#3-load-logtrail-configuration-from-elasticsearch)\n- Refer [logtrail-config-examples](https://github.com/sivasamyk/logtrail-config-examples) repo for sample configurations \n- Logs \u0026 Events from Windows, Java, Python, PHP, Perl, Ruby, Android, Docker, .Net can be shipped using the syslog protocol.\n  - For more configuration options refer to [Papertrail Configuration Help](http://help.papertrailapp.com/).\n- Beats/Fluentd can also be used to ship events to ES and fields can be mapped using the `fields` parameter in `logtrail.json`\n","funding_links":[],"categories":["others","JavaScript","Kibana plugins and applications","Kibana"],"sub_categories":["Kibana Visualization plugins","Tools"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsivasamyk%2Flogtrail","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsivasamyk%2Flogtrail","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsivasamyk%2Flogtrail/lists"}