A production-style command-line log analysis tool written in C++17. Parse, filter, and generate reports from log files — with colorized output, keyword search, and file export.
- ✅ Parse standard log formats (timestamped, simple)
- ✅ Filter by log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
- ✅ Filter by keyword, source/component, or time range
- ✅ Colorized terminal output by severity
- ✅ Summary report with level breakdown and bar chart
- ✅ Top recurring error messages
- ✅ Export filtered results to a file
- ✅ Google Test unit test suite
- ✅ CMake build system
log-parser/
├── src/
│ ├── main.cpp # CLI argument parsing & orchestration
│ ├── LogEntry.h/.cpp # Log entry model + level enum
│ ├── LogParser.h/.cpp # File reading & regex-based line parsing
│ ├── LogFilter.h/.cpp # Filter by level, keyword, source, time
│ ├── LogReport.h/.cpp # Colorized output, summary, export
│ └── Utils.h/.cpp # ANSI colors, string helpers
├── tests/
│ └── test_parser.cpp # Google Test suite (12 tests)
├── sample_logs/
│ └── app.log # Sample log file for testing
└── CMakeLists.txt
- C++17 compiler (GCC 9+ or Clang 10+)
- CMake 3.14+
git clone https://github.com/CodesbyNeo/log-parser.git
cd log-parser
# Build
cmake -B build -DCMAKE_BUILD_TYPE=Release
cmake --build build
# Run with sample log
./build/logparser sample_logs/app.loglogparser <logfile> [options]
Options:
--level <LEVEL> Filter: DEBUG, INFO, WARNING, ERROR, CRITICAL
--keyword <TEXT> Search keyword in messages
--source <SOURCE> Filter by component/source
--after <TIME> Show entries after timestamp (YYYY-MM-DD HH:MM:SS)
--before <TIME> Show entries before timestamp
--export <FILE> Export results to a file
--summary Show summary report only
--no-color Disable colorized output# Show all logs
./logparser sample_logs/app.log
# Show only errors
./logparser sample_logs/app.log --level ERROR
# Search for database issues
./logparser sample_logs/app.log --keyword "connection" --level ERROR
# Show summary report
./logparser sample_logs/app.log --summary
# Export errors to file
./logparser sample_logs/app.log --level ERROR --export errors.log
# Filter by time range
./logparser sample_logs/app.log --after "2024-01-15 08:10:00"cmake -B build
cmake --build build
cd build && ctest --output-on-failureParsing: sample_logs/app.log
Parsed 30 entries (1 lines skipped)
------------------------------------------------------------
[ERROR ] 2024-01-15 08:02:10 [database ] Connection pool exhausted
[ERROR ] 2024-01-15 08:02:11 [server ] Failed to process request
[CRITICAL] 2024-01-15 08:02:45 [server ] Service degraded
============================================================
LOG ANALYSIS REPORT
============================================================
Total entries parsed : 30
Level Breakdown:
CRITICAL : 2 ██
ERROR : 5 █████
WARNING : 4 ████
INFO : 11 ███████████
DEBUG : 8 ████████
Top Error Messages:
1. [2x] Connection pool exhausted. Max connections: 10
2. [2x] NullPointerException in UserService.getProfile()
============================================================
MIT