added docs and screenshot

moayyaed · Sep 6, 2017 · 46977ac · 46977ac
1 parent 14e3daf
commit 46977ac
Show file tree

Hide file tree

Showing 5 changed files with 36 additions and 5 deletions.
diff --git a/README.md b/README.md
@@ -64,6 +64,7 @@ Edit the following fields:
  - By default each line displayed in the events view is of format:
   `display_timestamp hostname program:message`
  - message_format - Used to add additional fields to be shown for log event. For more details refer [Adding additional fields](docs/add_fields.md)
+ - color_coding - Color code messages based on field values. For more details refer [Color coding messages](docs/color_coding.md)
  - Any changes in `logtrail.json` requires restart of Kibana
 
 ### If you are starting fresh

diff --git a/docs/add_fields.md b/docs/add_fields.md
@@ -41,6 +41,6 @@ To add `pid` and `host ip address` to each log event following is the configurat
 ```
 For the above configuration the event console display will be like:
 
-![Add Fields screenshot](https://raw.githubusercontent.com/sivasamyk/logtrail/message_format/docs/add_fields.png)
+![Add Fields screenshot](https://raw.githubusercontent.com/sivasamyk/logtrail/master/docs/add_fields.png)
 
 On clicking additional field, logtrail will automatically search for log messages matching the value of the field. For example on clicking the pid `16545` in above message, logtrail will search for all message whose pid is `16545` in this index.
diff --git a/docs/color_coding.md b/docs/color_coding.md
@@ -0,0 +1,29 @@
+##Color Coding messages##
+Logtrail provides option to color code the messages based on field values. This feature can be enabled by configuring `color_coding` field in `logtrail.json`. Let us assume you have following log messages:
+```
+2016-07-06 22:17:28,705 ERROR: org.graylog2.bootstrap.CmdLineTool - Couldn't load configuration: Properties file /etc/graylog/server/server.conf doesn't exist!
+2016-07-06 22:18:14,268 INFO : org.graylog2.bootstrap.CmdLineTool - Loaded plugin: Collector 1.0.3 [org.graylog.plugins.collector.CollectorPlugin]
+2016-07-10 17:37:28,541 WARN : org.graylog.plugins.map.geoip.GeoIpResolverEngine - GeoIP database file does not exist: /tmp/GeoLite2-City.mmdb
+2016-07-10 17:37:29,302 INFO : org.graylog2.bootstrap.ServerBootstrap - JRE: Oracle Corporation 1.8.0_77 on Linux 3.16.0-30-generic
+2016-07-06 22:18:18,219 DEBUG : org.mongodb.driver.cluster - Cluster created with settings {hosts=[localhost:27017], mode=SINGLE, requiredClusterType=UNKNOWN, serverSelectionTimeout='30000 ms', maxWaitQueueSize=5000}
+```
+
+Assuming the log level ( ERROR, WARN, INFO, DEBUG, TRACE ) is mapped to field `log_level` in Elasticsearch , following configuration in `logtrail.json` will color code the messages:
+
+```json
+"color_coding": {
+      "field": "log_level",
+      "mapping": {
+        "ERROR": "#FF0000",
+        "WARN": "#FFEF96",
+        "DEBUG": "#B5E7A0",
+        "TRACE": "#CFE0E8"
+      }
+    }
+```
+
+If there are no matches in the mapping, the default color ( as per CSS ) will be applied.
+
+For the above configuration the event console display will be like:
+
+![Color Coding screenshot](https://raw.githubusercontent.com/sivasamyk/logtrail/colors/docs/color_coding.png)
diff --git a/logtrail.json b/logtrail.json
@@ -22,6 +22,8 @@
             "message": "syslog_message"
         },
         "message_format": "{{{syslog_message}}}"
+      },
+      "color_coding" : {
       }
     }  
   ]

diff --git a/server/routes/server.js b/server/routes/server.js
@@ -35,7 +35,6 @@ function convertToClientFormat(selected_config, esResponse) {
   for (var i = 0; i < hits.length; i++) {
     var event = {};
     var source =  hits[i]._source;
-
     event.id = hits[i]._id;
     var get = require('lodash.get');
     event['timestamp'] = get(source, selected_config.fields.mapping['timestamp']);
@@ -44,9 +43,9 @@ function convertToClientFormat(selected_config, esResponse) {
     event['program'] = get(source, selected_config.fields.mapping['program']);
 
     //Calculate message color, if configured
-    if (selected_config.color) {
-      var color_field_val = get(source, selected_config.color.field);
-      var color = selected_config.color.mapping[color_field_val];
+    if (selected_config.color_coding && selected_config.color_coding.field) {
+      var color_field_val = get(source, selected_config.color_coding.field);
+      var color = selected_config.color_coding.mapping[color_field_val];
       if (color) {
         event['color'] =  color;
       }
-Original file line number
+Diff line change
@@ Expand Up / @@ -22,6 +22,8 @@ @@
                 "message": "syslog_message"
             },
             "message_format": "{{{syslog_message}}}"
+          },
+          "color_coding" : {
           }
         }
       ]
@@ Expand Down @@