Logtop is an handy log analyzer that can show realtime statistics from any given text file. Common usage example is redirecting the output of your log files to it, in order to get the top visitors of your webpages, or the top hosts requesting pages through your proxy server… all of this in a realtime top list.

Logtop requires git (to clone logtop source from github) plus the ncurses and uthash development packages. Since the package uthash-devel is not available in the base CentOS repository, you will also need to get EPEL repository rpm from:

http://download.fedoraproject.org/pub/epel/beta/7/x86_64/repoview/epel-release.html</code>

and install it:

rpm -ivh epel-release-7-0.2.noarch

then import its rpm gpg key:

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

Now you may install the dependencies:

yum install git ncurses-devel uthash-devel

Get logtop from github:

git clone https://github.com/JulienPalard/logtop.git

Dive into its directory and compile it:

cd logtop
make
make install

That’s it! Example usage: Apache top 10 requests:

tail -f /var/log/httpd/access_log | awk {'print $1; fflush();'} | logtop
grab 01

Squid top users:

tail -f /var/log/squid/access.log | awk {'print $1; fflush();'} | logtop
grab 02

Still on your proxy server, you may want to show the top requested urls:

tail -f /var/log/squid/access.log | awk {'print $7; fflush();'} | logtop
grab 03

Logtop project page:

https://github.com/JulienPalard/logtop