Troubleshooting, analyzing & filtering log files is by far one of the most laborious daily jobs. My issue is searching through a log file, which could be well over 4 gigs in size. Simply loading the file takes up to 15 mins. I'm running a fairly fast processor with 8 gigs of memory. After the file loads, I literally only have the luxury of grep and/or control+F to scan through the file. This gets worse when I'm trying to look files from multiple systems each weighing over a gig. Have tried segregating the files based on time-stamps to make them smaller, but no joy really.
Is there a tool or even a process that I could use to make troubleshooting less time consuming (apart from the usual "just fix the bug first")?
Your comments are appreciated.
You can install Midnight Commander. You can start Midnight Commander from the CLI with the mc command. After that you may select and open any file in "view mode" ( F3 ) or in "edit mode" ( F4 ). mc is much more efficient when opening and browsing large files than vim .
The maximum size for a log file is two terabytes. Enable Autogrowth: Autogrowth enables the SQL Server to expand the size of database files when they run out of space.
What are you loading it with? 4 gigs is a fairly large file, but that shouldn't take THAT long to load into memory.
For files that large, I would recommend using grep directly, and if grep isn't doing it for you, SED and AWK are your friends. If you want to do it in realtime, learn about using those tools in conjunction with pipes and tail -f
.
Yes, I know, SED is very intimidating at first. It's also ridiculously powerful. Learn it.
If you're on windows, you have my sympathy. May I recommend a unix shell?
If you are afraid of the command line tools, consider learning Perl or Python. They're both quite good at sorting signal from noise in large files like this.
Baretail is a good tool to have. Give it a try. I haven't used it for 4 gigs files but my log files are also quite big and it works just fine. http://www.baremetalsoft.com/baretail/index.php
edit: I did not see that someone has already suggested baretail.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With