DEV Community

RobbiNespu
RobbiNespu

Posted on • Originally published at robbinespu.gitlab.io on

How to colorize your NGINX log files with CCZE

If your are into devops or someone who take care backend of NGINX, you will notice there is limit of tools to read / transform NGINX access or error log files into colorize which is helpful and readable, compare to Httpd / Apache which have tonnes of script and tools to colorize your logs.

The last time I configuring NGINX was 4 years ago and yesterday I setup webserver for my client using NGINX instead of Httpd / Apache, after 7 minutes port 80 was open to public, I notice slowness on my client VPS machine, so I assume maybe some massive bots are scanning this webserver for some reason.

I open NGINX log with my favourite less- R command line and I feel awful and ackward. Do you know why? Because I been involve with lot of programming framework and tool that offer me ANSI colorize log.

If you are just like me, then I suggest you to install ccze! Here some currrent info from Fedora repository

[rnm@robbinespu ~] $ sudo dnf info ccze
Last metadata expiration check: 0:00:13 ago on Thu 22 Aug 2019 11:55:41 AM +08.
Available Packages
Name : ccze
Version : 0.2.1
Release : 22.fc30
Architecture : x86_64
Size : 81 k
Source : ccze-0.2.1-22.fc30.src.rpm
Repository : fedora
Summary : A robust log colorizer
URL : http://bonehunter.rulez.org/CCZE.html
License : GPLv2+
Description : CCZE is a roboust and modular log colorizer, with plugins for apm,
             : exim, fetchmail, httpd, postfix, procmail, squid, syslog, ulogd,
             : vsftpd, xferlog and more.

Enter fullscreen mode Exit fullscreen mode

Like it said, this is a robust and modular log colorizer and comes with few plugins. It available on Fedora, Debian, Ubuntu, Centos, Opensuse and others distro repository.

Just install it:

$ sudo dnf install ccze #for Red Hat/CentOS/Fedora based
$ sudo apt install ccze #for Debian/Ubuntu based

Enter fullscreen mode Exit fullscreen mode

and to use it, you need to open your file reader and pipe into ccze. For example:

$ sudo less -R /var/log/nginx/access.log | ccze -A | less -R 

Enter fullscreen mode Exit fullscreen mode

NGINX access log with ccze

You may check helps for more option how to manipulate and using ccze

$ ccze --help
Usage: ccze [OPTION...]
ccze -- cheer up 'yer logs.

  -a, --argument=PLUGIN=ARGS... Add ARGUMENTS to PLUGIN
  -A, --raw-ansi Generate raw ANSI output
  -c, --color=KEY=COLOR,... Set the color of KEY to COLOR
  -C, --convert-date Convert UNIX timestamps to readable format
  -F, --rcfile=FILE Read configuration from FILE
  -h, --html Generate HTML output
  -l, --list-plugins List available plugins
  -m, --mode=MODE Change the output mode
                             (Available modes are curses, ansi and html.)
  -o, --options=OPTIONS... Toggle some options
                             (such as scroll, wordcolor and lookups,
                             transparent, or cssfile)
  -p, --plugin=PLUGIN Load PLUGIN
  -r, --remove-facility remove syslog-ng's facility from start of the
                             lines
  -?, --help Give this help list
      --usage Give a short usage message
  -V, --version Print program version

Mandatory or optional arguments to long options are also mandatory or optional
for any corresponding short options.

Report bugs to <algernon@bonehunter.rulez.org>.

Enter fullscreen mode Exit fullscreen mode

Cheers and have fun!

Top comments (0)