gvalkov / tailon Goto Github PK

Hi,

Is it possible to read compressed log file using tailon?

It would be a nice thing to implement if it's not present

It is possible to have Tailon bind to 2 or more IP addresses? I have a machine that has 2 and I would like to be able to access it with both.

If so what is the syntax?

refresh the log file if create a new log file such as logrotate. If tailon support that would be nice.

Is it possible to include an example of how the config would work with aliases and paths

The readme just shows

File, glob and dir filespecs are similar in principle to their # command-line counterparts.

which isn't helpful.
I have tried different combinations of what I think it might be couldn't figure it out.

I write a config.toml that contains as following code:

title = "Tailon file viewer"
relative-root = "/"
listen-addr = ":8081"
allow-download = true
allow-commands = ["tail", "grep", "sed", "awk"]
[commands]
[commands.tail]
action = ["tail", "-n", "$lines", "-F", "$path"]
[commands.grep]
stdin = "tail"
action = ["grep", "--text", "--line-buffered", "--color=never", "-e", "$script"]
default = "."
[commands.sed]
stdin = "tail"
action = ["sed", "-u", "-e", "$script"]
default = "s/./&/"
[commands.awk]
stdin = "tail"
action = ["awk", "--sandbox", "$script"]
default = "{print $0; fflush()}"

I run the commond "tailon -c config.toml", tip "No files specified on command-line or in config file".

It would be great to be able see logs from journalctl and probably list of units instead of files in that mode.

When I run tailon it doesn't seem to be loading my TOML config file at all. My file looks like as follows:

title = "Tailon - Tacacs"
relative-root = "/"
listen-addr = ":8081"
allow-download = true
allow-commands = ["tail", "grep", "sed", "awk"]

[commands]

    [commands.tail]
    action = ["tail", "-n", "$lines", "-F", "$path"]

    [commands.grep]
    stdin = "tail"
    action = ["grep", "--text", "--line-buffered", "--color=never", "-e", "$script"]
    default = ".*"

    [commands.sed]
    stdin = "tail"
    action = ["sed", "-u", "-e", "$script"]
    default = "s/.*/&/"

    [commands.awk]
    stdin = "tail"
    action = ["awk", "--sandbox", "$script"]
    default = "{print $0; fflush()}"

Note that the only change I've made is the port from 8080 to 8081, but this change isn't reflected when I run the binary. In fact, no changes I make seem to take effect.

user@computer:/var/log/tac_plus$ /home/user/go/bin/tailon -c /home/user/tailon.toml *
2018/10/08 14:14:14 Generate initial file listing
2018/10/08 14:14:14 Server start, relative-root: /, bind-addr: :8080
^C
user@computer:/var/log/tac_plus$ 

3rdparty.js currently bundles vue/dist/vue.js (which is used for development)

Using the minified version in the EXTERNAL_JS list will resolve the issue.

https://vuejs.org/v2/guide/deployment.html#Without-Build-Tools

Tailon 1.1
Firefox 71

When tailon toolbar is displayed (I keep it displayed to quickly switch between log files) the whole log textarea is moved toward bottom of the screen, therefore the 2 last lines are out of screen.
So I can't read those 2 last lines.
The bottom arrow of scrollbar is hidden too.
I always have to hide the toolbar to see the last lines.

Hello,

I tried to start tailon specifying a file to which tailon user doesn't have access:

./opt/tailon/tailon -b "0.0.0.0:8084" -r "/" "alias=Catalina,group=Tomcat,/opt/tomcat/logs/catalina.out" "alias=Other,group=Tomcat,/opt/tomcat/logs/*"

And got the error:

panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x28 pc=0x7bcc58]

goroutine 1 [running]:
main.parseFileSpec(0x7ffd5095662c, 0x39, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ...)
	/home/gv/go/src/github.com/gvalkov/tailon/main.go:173 +0x428
main.main()
	/home/gv/go/src/github.com/gvalkov/tailon/main.go:284 +0x562

Probably it may be usefully to see some information about file permission issue in the tailon output.

Thank you!

As far as i can see on https://hub.docker.com/r/gvalkov/tailon/tags, only a 1.0.0 image is available :)

it would be very nice to be able to specify at least the background and text color, as white on black is not everybodys first choice.
(I like green on black the best).
Alternatively, is there any documentation on how to combine any ansi color modifier like your own ansimarkup with tailon, so the published log messages are easier to read?
Thanks a lot

I'm attempting to run an AWK against the tail output, and no matter what I do, I never see any output. Happy to provide more details if necessary.

I've taken the two 'commands' from the log and run them like commandA | commandB and they work perfectly.

If files are created after tailon start they will not show in the list and even if you pass the right file in the url still shows the wrong file.

Hello everyone,

Is there an alternative to activate LDAP authentication when accessing to Tailon web Interface.
I saw that there is an http authentication solution (by declaring the username and pasword), but i want to use LDAP authentication.

Thank's in advance for your response.

e.g. somehow via the config-file?

It seems that this is part of the config-structure, but not read from the config-file....

Thank you.

Just installed Python 3 on Ubuntu Linux 22. Installed Tailon with pip and tried to tail syslog:

$ pip install tailon

$ tailon -f /var/log/syslog
Traceback (most recent call last):
File "/usr/local/bin/tailon", line 5, in
from tailon.main import main
File "/usr/local/lib/python3.10/dist-packages/tailon/main.py", line 16, in
from tornado import ioloop, httpserver
File "/usr/local/lib/python3.10/dist-packages/tornado/httpserver.py", line 34, in
from tornado.http1connection import HTTP1ServerConnection, HTTP1ConnectionParameters
File "/usr/local/lib/python3.10/dist-packages/tornado/http1connection.py", line 29, in
from tornado import httputil
File "/usr/local/lib/python3.10/dist-packages/tornado/httputil.py", line 106, in
class HTTPHeaders(collections.MutableMapping):
AttributeError: module 'collections' has no attribute 'MutableMapping'

Any idea to work around this issue?

"Interface is nil, not *Toml.Tree" is thrown if there is [commands] in the config toml file. So defaults are not used in this case.

Hey,
how about providing a docker image for linux/arm/v7. The RaspberryPi uses such arch, i guess it will increase the userbase by a bit!

Cheers!

First of all, I would like to appreciate the great work of the author! I want to share my experience of setting nginx reverse proxy for the program. For example, if tailon listens at 127.0.0.1:12323, my goal is to redirect web request to https://www.example.com/log/ to 127.0.0.1:12323 and also create a systemd service to make the program start automatically.

First, I create the following systemd file: /etc/systemd/system/tailon.service and run systemctl daemon-reload, systemctl enable tailon

[Unit]
Description=Tailon
After=syslog.target

[Service]
Type=simple
User=root
Group=root
# tailon must run as root in order to read /var/log/messages
ExecStart=/usr/local/bin/tailon -c /data/wwwroot/tailon.toml /var/log/messages /data/wwwlogs/*.log
Restart=always

[Install]
WantedBy=multi-user.target

Then I create the configuration file /data/wwwroot/tailon.toml like the following

  title = "Tailon file viewer"
  relative-root = "/"
  listen-addr = ["127.0.0.1:12313"]
  allow-download = false
  allow-commands = ["tail", "grep"]

  [commands]

    [commands.tail]
    action = ["tail", "-n", "$lines", "-F", "$path"]

    [commands.grep]
    stdin = "tail"
    action = ["grep", "--text", "--line-buffered", "--color=never", "-e", "$script"]
    default = ".*"

Finally, I configure the nginx files example.conf, which is the hardest part

server {
  listen 80;
  server_name example.com www.example.com;
  location / {
    return   301 https://$server_name$request_uri;
  }
}


server {
  listen 443 ssl http2 proxy_protocol;
  include snippets/letsencrypt.conf;
  include snippets/ssl.conf;
  server_name example.com www.example.com;

  location /log/ {
    sub_filter 'href="/' 'href="/log/';
    sub_filter 'href=\'/' 'href=\'/log/';
    sub_filter 'src="/' 'src="/log/';
    sub_filter 'src=\'/' 'src=\'/log/';
    sub_filter_once off;
    proxy_pass http://127.0.0.1:12313/;
  }

  location /ws/ {
    proxy_pass http://127.0.0.1:12313;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_read_timeout 86400;
  }

The most tricky part is the sub_fiter part in /log/ block, since the frontend of tailon responses html body with css defined at locations like /vfs/** and we need to make it to be /log/vfs/***. Moreover, you need to visit http://www.example.com/log/ (Note the last slash) in order to make it work.

I personally suggest using ngx_http_auth_basic_module module to encrypt the frontend, and also using HTTPS. In addition, you need to recompile nginx with --with-http_sub_module flag to enable the function of sub_filter.

I think the program itself can have the function to define the relative path. But I don't know how hard it is to achieve this. 😄

Seems to be working fine... the console is spitting out:

[+24464.636087][ERROR] WebSocket
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/sockjs/tornado/transports/websocket.py", line 63, in on_message
    self.session.on_messages(msg)
  File "/usr/local/lib/python3.6/site-packages/sockjs/tornado/session.py", line 419, in on_messages
    self.conn.on_message(msg)
  File "/usr/local/lib/python3.6/site-packages/tailon/server.py", line 162, in on_message
    command = escape.json_decode(message)
  File "/usr/local/lib64/python3.6/site-packages/tornado/escape.py", line 87, in json_decode
    return json.loads(to_basestring(value))
  File "/usr/lib64/python3.6/json/__init__.py", line 354, in loads
    return _default_decoder.decode(s)
  File "/usr/lib64/python3.6/json/decoder.py", line 339, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib64/python3.6/json/decoder.py", line 357, in raw_decode
    raise JSONDecodeError("Expecting value", s, err.value) from None
json.decoder.JSONDecodeError: Expecting value: line 1 column 1 (char 0)

Running CentOS 8
python3

Hello,

I utilized my search engine to find an application that does what your application does. Happily among the first results I found tailon, represented by the link https://tailon.readthedocs.io/en/latest/.
Upon attempting to install it using pip and trying to run it, I was faced with errors. I followed the GitHub reference in the above link to file an Issue, only to become extremely confused as to why I'm seeing a Go application and Go instructions for a Python program.
Only after further research I found that the application I installed was now called tailon-legacy, and that I should replace it with this, newer, Go-based version.

The fact that your (?) readthedocs.io pages represent the Python based tailon as the true and only tailon, and being referenced to an absolutely different tailon upon following the GitHub link makes for an extremely confusing and misleading experience.

If the Python based tailon is outdated, please either remove the readthedocs.io pages, put a big red banner up that they are outdated, or replace them with instructions that match the README.md of this repository / reflect the same installation steps.

Thank you.

If is possible to configure tailon to be accessible externally (i.e. on the public internet), is it possible to configure user/password credentials to authorize access?

This does not need to be anything too fancy!

There are some escape sequences for terminals, usually used for color output. Many loggers love to use them.

As an example:
�[31msome text�[39m

As a bare minimum, if you don't want to make color support, it would be nice to at least know about it and strip them from text completely.

According to the README's "Security" section "sed" is not enabled by default.
However in the go version "sed" is now enabled by default.

It might not be a big deal as people that are granted access to Tailon are usually highly privileged anyway. It could still be a nasty surprise to some. Especially when upgrading from the python version.

Tested on release 1.1.0

Hi.
Thank you for the great analog of Log.io.

Can you implement a split view to see two or more files in parallel?
Or maybe get an option to select not one file to tail.

Thanks.

See the below Images, I have no idea why?