Windows – Tool to view multiple logs synchronised by timestamps

logging, windows

I'm looking for a tool which will allow me to scroll through logs from client and server, and keep both views in synch by timestamps within the log lines.

So each log entry from log A would be vertically aligned with the nearest (by timestamp) entry from log B.

I'm visualising this being a bit like the way a visual diff tool scrolls 2 files and keeps them "in sync" even if one has content the other does not. This tool would be a little like that, but would try to align lines by their timestamps rather than textual similarity of the line.

I'm sure someone has written this.

I'm on Windows, but I'm analysing historic logs and I could transfer them to a Linux VM if the tool was good enough.

Best Answer

You may use RSYSLOG to capture logs from all hosts to a common host and store them in a database in sequence. A simple query to the database can pull the log entries in timestamp sequence.

If you have the logs on one host and you simply want to analyze behavior, and they are in the same format, then you may want to take a look at Microsoft Logparser. Assuming your logs are CSV formatted, each containing a header field called datetime and with an extension of .log:

LogParser -i:csv "select datetime, hostname, logentry from *.log order by datetime ASC"

Refs:

http://en.wikipedia.org/wiki/Rsyslog

http://en.wikipedia.org/wiki/Logparser
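
An added example, not part of the original answer: a small Python script that produces the two-column, timestamp-aligned view the question describes, using the CSV layout the answer assumes (datetime, hostname, logentry). The timestamp format, the 250 ms pairing tolerance, the skew_ms clock-offset parameter and the sample log lines are assumptions made for illustration.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample logs in the CSV layout the answer assumes
# (header fields: datetime, hostname, logentry).
CLIENT_LOG = """datetime,hostname,logentry
2024-01-01 10:00:00.100,client1,connect to server
2024-01-01 10:00:00.900,client1,send login request
2024-01-01 10:00:05.000,client1,timeout waiting for reply
"""
SERVER_LOG = """datetime,hostname,logentry
2024-01-01 10:00:00.150,server1,accepted connection
2024-01-01 10:00:02.000,server1,auth backend slow
2024-01-01 10:00:05.050,server1,client disconnected
"""

def read_log(text, skew_ms=0):
    """Parse one CSV log into (timestamp, message) tuples sorted by time.
    skew_ms shifts every timestamp to correct a known clock offset."""
    rows = csv.DictReader(io.StringIO(text))
    shift = timedelta(milliseconds=skew_ms)
    entries = [(datetime.strptime(r["datetime"], "%Y-%m-%d %H:%M:%S.%f") + shift,
                r["logentry"]) for r in rows]
    return sorted(entries)

def align(left, right, tolerance=timedelta(milliseconds=250)):
    """Walk both logs in time order. Entries within `tolerance` share a row;
    otherwise the earlier entry gets a row with the other column blank."""
    i = j = 0
    out = []
    while i < len(left) or j < len(right):
        l = left[i] if i < len(left) else None
        r = right[j] if j < len(right) else None
        if l and r and abs(l[0] - r[0]) <= tolerance:
            out.append((min(l[0], r[0]), l[1], r[1]))
            i, j = i + 1, j + 1
        elif r is None or (l and l[0] < r[0]):
            out.append((l[0], l[1], ""))
            i += 1
        else:
            out.append((r[0], "", r[1]))
            j += 1
    return out

def render(rows, width=28):
    """Format aligned rows as: time | client column | server column."""
    return "\n".join(f"{ts:%H:%M:%S.%f}"[:12] + f" | {a:<{width}} | {b}"
                     for ts, a, b in rows)

if __name__ == "__main__":
    print(render(align(read_log(CLIENT_LOG), read_log(SERVER_LOG))))
```

If the two hosts' clocks were not synchronised, pass the measured offset as skew_ms for one of the logs before aligning, otherwise related entries land on separate rows.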
