"According to benchmarks published by hl's creator, the viewer achieves throughput of up to ~2 GiB/s with automatic indexing on initial scan and up to ~10 GiB/s when reindexing growing files. This performance appears to be a significant improvement over alternatives such as hlogf, humanlog, fblog, and fblog-d, making hl a compelling tool for DevOps engineers who work with very large log files from the command line."
"hl includes an integrated pager, like less, that makes it easy to browse log entries, along with a rich set of features for filtering, searching, sorting, and formatting logs. You can filter by log level (e.g., error, warn, info, and more), by field or key-value pair (e.g., component=tsdb, or request.method?!=GET, etc.), as well as using time ranges (e.g., --since yesterday, --since -3h, --until 'Jun 19 11:22:33', etc.)."
"Other useful features supported by hl include a follow mode, similar to tail -f, with automatic timestamp-based sorting across multiple sources using the -F option; customizable output with simple control for hiding or revealing specific fields using the -h option; automatic timezone switching to have timestamps converted to the desired timezone; and support for UI themes and color schemes. A powerful capability in hl is its ability to build complex queries using logical, comparison, set-based, and string operators to combine basic filtering options. For example, the following command combines a log level and two field filters: hl my-service.log --query 'level > info or status-code >= 400 or duration > 0.5'"
hl is an open-source Rust log viewer optimized for JSON and logfmt structured logs. It builds fast indexes and parses logs to scan very large files quickly, including compressed files. Benchmarks show up to ~2 GiB/s on initial automatic indexing and up to ~10 GiB/s when reindexing growing files. The tool supports browsing via an integrated pager, filtering by level, fields, and time ranges, and rich query expressions combining logical, comparison, set-based, and string operators. Additional features include follow mode with timestamp-based merging across sources, customizable output, automatic timezone conversion, and UI themes.
Read at InfoQ
Unable to calculate read time
Collection
[
|
...
]