A log viewer that can parse log files and stream logs from C#, Python, Java and others. You can also implement your own parsers or request to add new parsers for other logs
Usage and how to create custom data providers
Analogy Log Viewer is multi purpose Log Viewer for Windows Operating systems.
Some features of this tool are:
- Windows event log support (evtx files)
- Aggregation into single view.
- Search in multiple files
- Combine multiple files
- Compare logs
- Themes support
- 64 bit support (allow loading more files)
- Personalization (users settings per user)
- Columns Extendable: Ability to add more columns specific to the data source implementation
- Exporting to Excel/CSV files
- Collaboration-like feature: ability to send log messages to gRPC/WCF service and/or between data providers
Main interaction UI:
- Ribbon area: Log files operations (open) and tools (search/combine/Compare)
- Messages area: File system UI and Main Log viewer area
The application supports the followings data providers:
-
Common logs frameworks like: Serilog, NLog, Log4Net, Microsoft Logging.
-
Generic file types: Json Parser and XML parser.
-
Real time streaming from the following languages: C#, C++, Python and JAVA using gRPC log Server and client.
-
Custom providers. Create specific parsers for specific applications.
Thre are 3 modes of operations:
- real time log server: a gRPC Windows service that can receive messages from any gRPC client and the Log viewer app can connect to it to show real time logs.
- real time logs: different implementation that can receive logs in real time (e.g: Windows event log data provider that show event logs as they are created)
- Offline mode: Parse log files. There are many different implemetations. For a full list: see implementations for common logs files/frameworks.
If you need you can create your own providers: to implement a new data provider do the following:
-
Create new cs project and make sure your assembly is named Analogy.LogViewer.*.dll.
-
reference nugets package Analogy.LogViewer.Interfaces and Analogy.LogViewer.Template
-
inherite
Analogy.LogViewer.Template.PrimaryFactory
class from the template and override some properties:
public class PrimaryFactory : Analogy.LogViewer.Template.PrimaryFactory
{
internal static Guid Id { get; }= new Guid("XXXXXXXX");
public override Guid FactoryId { get; set; } = Id;
public override string Title { get; set; } = "Name of your provider (like Serilog, Nlog)";
public override IEnumerable<IAnalogyChangeLog> ChangeLog { get; set; } = ChangeLogList.GetChangeLog();
public override IEnumerable<string> Contributors { get; set; } = new List<string> { "Lior Banai" };
public override string About { get; set; } = "Analogy Log Parser";
public override Image? SmallImage { get; set; } = Resources.Image16x16;
public override Image? LargeImage { get; set; } = Resources.Image32x32;
}
The FactoryId is the identifier of your provider. all other providers (real time, offline) refer to this identifier to group them under the tab in the U.
- create DataProvidersFactory class that contains all your providers (real time or offline):
public class DataProvidersFactory : LogViewer.Template.DataProvidersFactory
{
public override Guid FactoryId { get; set; } = PrimaryFactory.Id;
public override string Title { get; set; } = "Log Parsers";
public override IEnumerable<IAnalogyDataProvider> DataProviders { get; set; } = new List<IAnalogyDataProvider>
{new SomeOfflineDataProvider(), new OnlinelineDataProvider() };
}
- To implement offline (log file) Parser inherite
Analogy.LogViewer.Template.OfflineDataProvider
and at minimum override the Parse methods and some properties like Id:
public class OfflineDataProvider : Analogy.LogViewer.Template.OfflineDataProvider
{
public override Image? SmallImage { get; set; } = null;
public override Image? LargeImage { get; set; } = null;
public override string? OptionalTitle { get; set; } = "Some Parser";
public override string FileOpenDialogFilters { get; set; } = "txt files (*.txt)|*.txt|All files (*.*)|*.*";
public override IEnumerable<string> SupportFormats { get; set; } = new List<string> { "*.txt" };
public override string? InitialFolderFullPath { get; set; } = Environment.CurrentDirectory;
public override Guid Id { get; set; } = new Guid("XXXX");
private PlainTextLogFileParser parser=new PlainTextLogFileParser();
public override Task<IEnumerable<AnalogyLogMessage>> Process(string fileName, CancellationToken token,ILogMessageCreatedHandler messagesHandler)
=> parser.Process(fileName, token, messagesHandler);
- To implement real time streaming Parser inherite
Analogy.LogViewer.Template.OnlineDataProvider
and again override needed members.
you can use exisitng projects (like PowerToys Parser for offline and Windows Event logs for real time) another option is to check the Analogy.LogViewer.Example example.
- Put your dll at the same folder as the application. You can download latest version
Along with custom Data Providers you can create extensions for existing providers:
- In Place extension: Add columns to the log messages data grid to add more information to the data grid,
- User Control extension: Add new tab in the UI with a custom user control that receive the incoming messages and can create custom logic to handles those.
The example data provider has example for this (you need to enable the extension in the extensions tab in the user settings).
Discuss about the extension here: Extension Disscussion
Along with custom Data Providers you can create Plots of arbitrary data by implementing the IAnalogyPlotting
Interface:
public interface IAnalogyPlotting
{
event EventHandler<AnalogyPlottingPointData> OnNewPointData;
IEnumerable<(string SeriesName, AnalogyPlottingSeriesType SeriesViewType)> GetChartSeries();
Guid Id { get; set; }
/// <summary>
/// the factory id which this Data providers factory belongs to
/// </summary>
Guid FactoryId { get; set; }
string Title { get; set; }
Task InitializePlottingAsync(IAnalogyLogger logger);
Task StartPlotting();
Task StopPlotting();
}
}
The example data provider has example for this:
You can select the chart's layout from the UI:
Discuss about the plotting here: Extension Disscussion
The application has some analyzers and visualization.
-
Time Distribution: shows at what time of day the message was logged.
-
Frequency: shows count of how many repeated messages were logged (you can define the text to filter).
-
On/Off Distribution: Show existance of message along the time.
- For a complete list visit Analogy Overview repository.
Data Provider | Description |
---|---|
gRPC Real Time Data Provider | A gRPC Data provider that connect to Analogy Log Server and read message back to Analogy Log Viewer |
Analogy.AspNetCore.LogProvider | A AspNetCore provider that streams logs to Analogy Log Server |
Analogy.LogViewer.NLog.Targets | NLog Target that streams logs to Analogy Log Server |
Serilog Sink | Serilog Sink that streams logs to Analogy Log Server |
Windows event logs | Real time Component of Windows Event logs Parser |
Data Provider | Description |
---|---|
Serilog Parser | Parser for Serilog log files |
NLog Parser | Parser for NLog log files |
Log4Net Parser | Parser for Log4Net log files |
Regular Expression Parser | Regular Expression Parser |
IIS log Parser | Parser for IIS log files |
RSS Reader | RSS Feeds inside Analogy Log Viewer |
Generic Json Log Parser | Generic Json Parser |
XML Parser | Generic XML Parser |
Windows event logs | Windows Event logs Parser |
Plain Text Parser | Plain Text Parser |
Git History | Display your Git Repository commit history |
Kafka Producer/ consumer | Kafka Producer / Consumer |
- Windows 10 blocks Zip files by default. Make sure to unblock them before unzipping. How to unblocked.