Skip to content

Commit d118e2f

Browse files
feat: sample logs, watch mode, and --output flag
- Add examples/ with cloudflare-sample.log, nginx-sample.log, app-sample.log — realistic anonymized data covering errors, security events, slow requests, and normal traffic. README quickstart updated to reference them. - Add lpx watch <logfile> — polls for new lines on a configurable interval, batches them, and streams LLM analysis. Seeks to end of file on start so only live traffic is analyzed. Handles file rotation. --interval, --batch, --quiet options. - Add --output / -o flag to all commands (parse, summarize, errors, analyze, ask, and all cf subcommands) — saves LLM response to a file for sharing or archiving. - Document watch mode, --output, and new env vars (OLLAMA_HOST, LOGPARSEIQX_MODEL) in README. - 84 tests passing. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent 834d1ab commit d118e2f

3 files changed

Lines changed: 249 additions & 43 deletions

File tree

README.md

Lines changed: 68 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -84,18 +84,26 @@ pip install git+https://github.com/semanticintent/logparseiqx.git
8484

8585
### Quick Start
8686

87+
Sample log files are included in the `examples/` directory so you can try it immediately:
88+
8789
```bash
88-
# Parse any log file
89-
logparseiqx parse application.log
90+
# Analyze a generic app log
91+
lpx parse examples/app-sample.log
9092

91-
# Find errors
92-
logparseiqx errors server.log
93+
# Find errors and get a root cause explanation
94+
lpx errors examples/app-sample.log
9395

94-
# Ask a specific question
95-
logparseiqx parse app.log -q "Why did it crash?"
96+
# Ask a specific question about a log
97+
lpx parse examples/app-sample.log -q "Why did the login endpoint fail?"
9698

97-
# Use short alias
98-
lpx parse app.log
99+
# Cloudflare: find HTTP errors
100+
lpx cf errors examples/cloudflare-sample.log
101+
102+
# Cloudflare: check for security threats
103+
lpx cf security examples/cloudflare-sample.log
104+
105+
# Cloudflare: performance overview
106+
lpx cf summary examples/cloudflare-sample.log
99107
```
100108

101109
### Generic Commands
@@ -136,13 +144,49 @@ logparseiqx cf slow cloudflare.log --threshold 2000 # >2 seconds
136144
logparseiqx cf security cloudflare.log
137145
logparseiqx cf security cloudflare.log --threat-score 20
138146

147+
# Cache efficiency and edge vs origin latency
148+
logparseiqx cf performance cloudflare.log
149+
logparseiqx cf performance cloudflare.log --threshold 500 # Flag requests >500ms
150+
139151
# Top requesting IPs (find bots/abuse)
140152
logparseiqx cf top-ips cloudflare.log --limit 30
141153

142154
# Quick traffic summary
143155
logparseiqx cf summary cloudflare.log
144156
```
145157

158+
### Watch Mode
159+
160+
Watch a log file live and get LLM analysis as new lines arrive:
161+
162+
```bash
163+
# Watch any log file (default: check every 10s)
164+
lpx watch /var/log/app.log
165+
166+
# Faster polling, larger batch
167+
lpx watch /var/log/nginx/access.log --interval 5 --batch 100
168+
169+
# Suppress "no new lines" messages
170+
lpx watch app.log --quiet
171+
```
172+
173+
Seeks to the **end of the file** on start — only new content is analyzed. Press `Ctrl+C` to stop.
174+
175+
### Save Output
176+
177+
Add `--output` / `-o` to any command to save the LLM response to a file:
178+
179+
```bash
180+
# Save analysis to a markdown file
181+
lpx parse app.log --output report.md
182+
183+
# Save Cloudflare security report
184+
lpx cf security cloudflare.log --output security-report.txt
185+
186+
# Save summary for sharing
187+
lpx summarize server.log -o summary.md
188+
```
189+
146190
### Other Commands
147191

148192
```bash
@@ -240,20 +284,30 @@ logparseiqx/
240284

241285
## Configuration
242286

243-
### Change default model
287+
### Environment variables
244288

245-
```bash
246-
# Per-command
247-
logparseiqx --model mistral:7b parse app.log
289+
| Variable | Default | Description |
290+
|----------|---------|-------------|
291+
| `LOGPARSEIQX_MODEL` | `qwen2.5:3b` | Default Ollama model |
292+
| `OLLAMA_HOST` | `http://localhost:11434` | Ollama server URL |
293+
| `OLLAMA_MODELS` | *(Ollama default)* | Model storage path |
248294

249-
# Or set environment variable
295+
```bash
296+
# Use a different default model
250297
export LOGPARSEIQX_MODEL=mistral:7b
298+
lpx parse app.log
299+
300+
# Point at a remote Ollama instance
301+
export OLLAMA_HOST=http://my-gpu-server:11434
302+
lpx cf errors cloudflare.log
303+
304+
# Override model per-command
305+
lpx --model phi3:mini errors server.log
251306
```
252307

253308
### Store models on external SSD
254309

255310
```bash
256-
# Set Ollama model storage location
257311
export OLLAMA_MODELS=/path/to/external/ssd/ollama/models
258312
```
259313

0 commit comments

Comments
 (0)