📢 Actions Speak Louder Than Words!

How to colorize your NGINX log files with CCZE

Posted: Aug 22, 2019 | Reading time: 3 min

If your are into devops or someone who take care backend of NGINX, you will notice there is limited tools to read / transform NGINX access or error log files into colorize forms which is helpful and readable, compare to Httpd (Apache) which have tonnes of script and tools to colorize your logs.

The last time I configuring NGINX was 4 years ago and yesterday I setup webserver for my client using NGINX instead of Apache, after 7 minutes port 80 was open to public, I notice slowness on my client VPS machine, so I assume maybe some massive bots are scanning this webserver for some reason.

I open NGINX log with my favourite less- R command line and I feel awful and ackward. Do you know why? Because I been involve with lot of programming framework and tool that offer me ANSI colorize log.

If you are just like me, then I suggest you to install ccze! Here some currrent info from Fedora repository

$ sudo dnf info ccze
Last metadata expiration check: 0:00:13 ago on Thu 22 Aug 2019 11:55:41 AM +08.
Available Packages
Name         : ccze
Version      : 0.2.1
Release      : 22.fc30
Architecture : x86_64
Size         : 81 k
Source       : ccze-0.2.1-22.fc30.src.rpm
Repository   : fedora
Summary      : A robust log colorizer
URL          : http://bonehunter.rulez.org/CCZE.html
License      : GPLv2+
Description  : CCZE is a roboust and modular log colorizer, with plugins for apm,
             : exim, fetchmail, httpd, postfix, procmail, squid, syslog, ulogd,
             : vsftpd, xferlog and more.

Like it said, this is a robust and modular log colorizer and comes with few plugins. It available on Fedora, Debian, Ubuntu, Centos, Opensuse and others distro repository.

Just install it:

$ sudo dnf install ccze #for Red Hat/CentOS/Fedora based
$ sudo apt install ccze #for Debian/Ubuntu based

and to use it, you need to open your file reader and pipe into ccze. For example:

$ sudo less -R /var/log/nginx/access.log | ccze -A | less -R 

NGINX access log with ccze

You may check helps for more option how to manipulate and using ccze

$ ccze --help
Usage: ccze [OPTION...]
ccze -- cheer up 'yer logs.

  -a, --argument=PLUGIN=ARGS...   Add ARGUMENTS to PLUGIN
  -A, --raw-ansi             Generate raw ANSI output
  -c, --color=KEY=COLOR,...  Set the color of KEY to COLOR
  -C, --convert-date         Convert UNIX timestamps to readable format
  -F, --rcfile=FILE          Read configuration from FILE
  -h, --html                 Generate HTML output
  -l, --list-plugins         List available plugins
  -m, --mode=MODE            Change the output mode
                             (Available modes are curses, ansi and html.)
  -o, --options=OPTIONS...   Toggle some options
                             (such as scroll, wordcolor and lookups,
                             transparent, or cssfile)
  -p, --plugin=PLUGIN        Load PLUGIN
  -r, --remove-facility      remove syslog-ng's facility from start of the
  -?, --help                 Give this help list
      --usage                Give a short usage message
  -V, --version              Print program version

Mandatory or optional arguments to long options are also mandatory or optional
for any corresponding short options.

Report bugs to <algernon@bonehunter.rulez.org>.

Cheers and have fun!


Discussion and feedback

You can use utterances provided below to post comment on behalf using Github account. Alternatively, you can just send a public comment to my mailing list or send a private message to my e-mail. In a few cases and on certain time, I just don’t have time to moderate them. Please read terms-of-service (ToS) for details.