Awesome log search with cmder, nushell and ripgrep

In this article I wanted to go through how to parse log files like a boss using three tools.

  • cmder
  • nushell
  • ripgrep

Cmder is a console emulator which is far nicer than either PowerShell or Windows Terminal; it is available from https://cmder.net/

Note that you need to manually add cmder to the environment’s path.

Nu Shell can run within cmder by simply installing it and then typing “nu”. You can then run something like “ls” to see how the output has changed.

You can also perform operations on the data like sorting and listing, as well as a host of other operations. It is also great for parsing API/JSON data.

You can install nushell in various ways, but the easiest is using Chocolatey.

choco install nushell

RipGrep is a command-line tool that is a grep alternative for all platforms and provides blazing fast search of patterns in files or folders.

https://github.com/BurntSushi/ripgrep/blob/master/GUIDE.md

It can be easily installed using a few different methods:

https://github.com/BurntSushi/ripgrep/blob/master/README.md#installation

Combining all the tools to search through logs.

First fire up nushell, then go to the logs folder.

nu

cd C:\ProgramData\Veeam\Backup

Then list the contents but only the directories. Note that the reverse flag is required as it normally sorts descending.

ls | where type == Dir | sort-by modified --reverse | first 10

Select the folder you want with the standard cd command, then list the directories by modified date.

Next we can use ripgrep to quickly look through a log file for errors, outputting to a table format.

rg error -C 5 some-log-file.log | table

The -C flag is “context”, which provides 5 rows above and below the searched term. There are also a ton of other flags and features, including recursive search through all the files in a directory by simply omitting the file name:

rg error -C 5 

You can also check how many occurrences of a word are in each file using the lowercase -c flag.

rg -c error

You can also easily output the data to a file in various formats: csv, html, json and yaml.

rg error -C 5 some-log-file.log | save csv output.csv
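When the results need real columns rather than lines of text, ripgrep's --json flag emits one JSON message per line that a short script can turn into a table. The Python below is an added example, not part of the original article, and goes a step beyond the commands above: it parses a constructed, abridged sample of that output, reports per file what `rg -c` (matching lines) and `rg --count-matches` (individual matches) would give, and writes CSV with formula-leading cells neutralised, since log lines can contain text a spreadsheet would evaluate. The file names and log lines are made up for illustration.

```python
import csv
import io
import json

# Constructed, abridged sample of `rg --json error -C 1` output (not real log data).
SAMPLE = r'''
{"type":"begin","data":{"path":{"text":"job.log"}}}
{"type":"context","data":{"path":{"text":"job.log"},"lines":{"text":"10:00:01 Info starting task\n"},"line_number":1,"submatches":[]}}
{"type":"match","data":{"path":{"text":"job.log"},"lines":{"text":"10:00:02 error: retry after error 5\n"},"line_number":2,"submatches":[{"match":{"text":"error"},"start":9,"end":14},{"match":{"text":"error"},"start":28,"end":33}]}}
{"type":"context","data":{"path":{"text":"job.log"},"lines":{"text":"10:00:03 Info task finished\n"},"line_number":3,"submatches":[]}}
{"type":"end","data":{"path":{"text":"job.log"}}}
{"type":"begin","data":{"path":{"text":"svc.log"}}}
{"type":"match","data":{"path":{"text":"svc.log"},"lines":{"text":"=1+1 error parsing client header\n"},"line_number":7,"submatches":[{"match":{"text":"error"},"start":5,"end":10}]}}
{"type":"end","data":{"path":{"text":"svc.log"}}}
'''

def parse_rg_json(stream):
    """Turn rg --json messages into table rows plus per-file counts."""
    rows, counts = [], {}
    for raw in filter(str.strip, stream.splitlines()):  # skip blank lines
        msg = json.loads(raw)
        if msg["type"] not in ("match", "context"):
            continue  # begin/end/summary messages carry no log line
        data = msg["data"]
        # rg emits "bytes" (base64) instead of "text" for non-UTF-8 data
        path = data["path"].get("text", "<non-utf8 path>")
        text = data["lines"].get("text", "<non-utf8 line>").rstrip("\r\n")
        rows.append({"file": path, "line": data["line_number"], "kind": msg["type"],
                     "hits": len(data["submatches"]), "text": text})
        if msg["type"] == "match":
            c = counts.setdefault(path, {"lines": 0, "matches": 0})
            c["lines"] += 1                     # what `rg -c` reports
            c["matches"] += rows[-1]["hits"]    # what `rg --count-matches` reports
    return rows, counts

def to_csv(rows):
    """Write rows as CSV, neutralising cells a spreadsheet would run as formulas."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=["file", "line", "kind", "hits", "text"])
    writer.writeheader()
    for row in rows:
        safe = dict(row)
        if safe["text"][:1] in ("=", "+", "-", "@"):
            safe["text"] = "'" + safe["text"]
        writer.writerow(safe)
    return buf.getvalue()

if __name__ == "__main__":
    print(parse_rg_json(SAMPLE)[1], to_csv(parse_rg_json(SAMPLE)[0]), sep="\n")
```

To use it on real output, replace SAMPLE with the captured text of `rg --json error -C 5 some-log-file.log`.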

Both nushell and ripgrep are written in Rust, which is blazingly fast and is a language to watch out for in the future.

Keep coding 🦀