LogNest — Local Log Analysis for Backend Developers

Features

Everything you need to debug locally

Built for the developer workflow — fast ingestion, instant search, live streaming.

⚡

HTTP Log Ingestion

POST logs from any language or framework via a simple REST API. No agent, no daemon, no config files.

🔌

Plug & Play Libraries

Official client libraries for Java, Node.js, and Python. One dependency install — logs flow automatically.

📡

Live Streaming

Real-time log streaming via SSE. Watch logs flow like tail -f with auto-scroll.

🔍

Smart Filtering

Filter by level, service name, or search message text. Instant results across all stored logs.

💾

Local SQLite Storage

Logs stored in an embedded SQLite file on your machine. No external database server needed.

📊

Error Rate Charts (Pro+)

Visualize error counts over time. Spot spikes and incidents before they become crises.

🔔

Alert Rules (Pro+)

Define thresholds — get notified in the dashboard when error rates exceed your limit.

📁

Export CSV / JSON (Starter+)

Download filtered log data as CSV or JSON to share with your team or import elsewhere.

🧹

Session Clear (Starter+)

Auto-wipe all logs every time LogNest starts. Perfect for shared machines or privacy-sensitive environments. Toggle in Settings — no restart needed.

🔒

100% Private

Runs entirely on your machine. Your logs never leave localhost. No account, no telemetry.

🤖

Unstructured Log Agent (Enterprise)

Tail any log file or pipe any process output directly to LogNest. No code changes — works with legacy apps, Docker containers, and syslog.

Use Cases

Who uses LogNest — and why

From solo Pi projects to enterprise dev environments where logs can never leave the building.

🍓

Raspberry Pi & Edge Devices

Running a Pi project, home server, or edge device? Your Pi sends logs over your local network to LogNest on your dev machine — no cloud, no internet, no data leaving your home or lab. View, filter, and search Pi logs in a real dashboard. See Pi setup guide →

LAN Only

⚡

Stop Hunting Logs in Your IDE

Stop scrolling through IntelliJ or VS Code console output hoping to find that one ERROR. LogNest gives you live filtering, full-text search, level highlighting, and one-click log detail — all outside your IDE.

Developer Workflow

🇪🇺

GDPR-Constrained Teams

Sending dev or staging logs to a third-party SaaS like Datadog or Papertrail may require a DPA and a full GDPR compliance review — or be prohibited entirely if logs contain EU user data. LogNest keeps everything on-machine. No DPA needed.

GDPR Compliant

🏥

Healthcare & HIPAA Apps

Dev logs for healthcare software can contain PHI fragments — patient IDs, appointment data, request bodies. Sending them off-machine to a logging SaaS creates compliance exposure. LogNest stores everything locally, with no third-party data processing.

HIPAA Safe

🏢

Corporate Policy: No External SaaS

Many enterprise security policies prohibit forwarding internal service logs to third-party cloud tools. LogNest satisfies these policies out of the box — fully on-machine, zero outbound traffic during normal operation.

Policy Compliant

💸

Skip the $30–$200/mo Cloud Bill

During development and early testing you don't need Datadog. Cloud logging bills add up fast — especially for side projects and startups. LogNest is a one-time purchase with no recurring fees, no ingestion limits on your wallet.

One-Time Purchase

🐳

Local Microservice Stacks

Running 5 services locally with Docker Compose? Aggregate all their logs in one dashboard instead of juggling docker logs -f across 5 terminals. Filter by service name, correlate errors across services, spot cascading failures in seconds.

Multi-Service

🔓

Open-Source Contributors

When contributing to OSS projects, your local logs may contain API keys, config values, internal paths, or credentials you'd never want uploaded to a third party. LogNest keeps everything offline — your environment, your data.

No Data Leaks

🔒

Air-Gapped & Secure Environments

No internet on the dev machine? Working in a secure facility, government project, or isolated network? LogNest works 100% offline — no telemetry, no license server ping, no cloud dependency of any kind.

Fully Offline

🏦

Apps Handling Personal & Financial Data

Building fintech, banking, insurance, or any app that touches SSNs, account numbers, card data, or personal identifiers? Debug-level logs frequently contain fragments of this data — request bodies, validation errors, stack traces with user input. Sending those logs to a cloud SaaS is a compliance and liability risk. With LogNest, every log stays on your machine. Nothing is transmitted, nothing is stored off-device — so you can debug freely without worrying about accidentally leaking PII into a third-party system.

PII Safe

Integration

Plug & play — one install, zero boilerplate

Official client libraries send logs automatically. No code changes needed for Spring Boot.

⬇ Download Java Client (.zip)Spring Boot auto-configuration · Logback appender · zero code changes

1 Add the dependency to pom.xml

<dependency>
    <groupId>com.lognest</groupId>
    <artifactId>lognest-spring-boot-starter</artifactId>
    <version>1.0.0</version>
</dependency>

2 Set your service name in application.properties

lognest.service=payment-service

# Optional — these are the defaults:
# lognest.url=http://localhost:9000/logs
# lognest.level=DEBUG
# lognest.enabled=true

3 That's it. Run your app.

// Your existing code — zero changes needed
log.info("Payment processed", Map.of("orderId", id));
log.error("Checkout failed", exception);
log.warn("Retry attempt {}", attempt);

Every log.info/warn/error/debug call automatically appears in LogNest. MDC values (trace IDs, request IDs) are included as metadata.

How it works

// Spring Boot auto-configuration registers
// a Logback appender automatically when the
// JAR is on the classpath.
//
// Console output on startup:
[LogNest] Connected
  service = 'payment-service'
  url     = 'http://localhost:9000/logs'
  level   = 'DEBUG'
//
// All logs forwarded asynchronously.
// LogNest being down never affects your app.

Disable per environment

# application-prod.properties
lognest.enabled=false   # off in production

Spring Boot 3.x Logback auto-config Async / non-blocking Zero extra dependencies

⬇ Download Node.js Client (.zip)Node 14+ · ESM & CommonJS · no dependencies

1 Install the package

npm install lognest-node

2 Create a logger

const LogNest = require('lognest-node')

const log = new LogNest({ service: 'api-gateway' })

// Use it anywhere
log.info('Server started', { port: 3000 })
log.warn('High memory', { usedMb: 512 })
log.error('Request failed', { userId, endpoint })

Zero-change option — patch console

const LogNest = require('lognest-node')

// Add this one line at app startup
new LogNest({ service: 'my-app', patchConsole: true })

// All existing console calls now go to LogNest:
console.log('User logged in')   // → INFO
console.warn('Slow query')      // → WARN
console.error('DB timeout')     // → ERROR

Child loggers with default metadata

// Attach metadata to every log in a request
app.use((req, res, next) => {
  req.log = log.child({
    requestId: req.id,
    userId:    req.user?.id,
  })
  next()
})

// Later in route handlers:
req.log.info('Checkout started')
// → metadata: {requestId, userId} auto-included

Options

new LogNest({
  service:      'my-service',
  url:          'http://localhost:9000/logs', // default
  level:        'DEBUG',   // min level to send
  enabled:      true,
  patchConsole: false,
})

Node.js 14+ No dependencies ESM + CommonJS Async fire-and-forget

⬇ Download Python Client (.zip)Python 3.7+ · stdlib only · Django, Flask, FastAPI

1 Install the package

pip install lognest

2 One-line setup

import lognest
lognest.setup(service='ml-pipeline')

# All existing logging calls now go to LogNest:
import logging
logging.error('Model training failed')
logging.warning('Low disk space')
logging.info('Batch job completed')

Django — settings.py

LOGGING = {
    'version': 1,
    'handlers': {
        'lognest': {
            'class':   'lognest.LogNestHandler',
            'service': 'django-app',
        },
    },
    'root': {
        'handlers': ['lognest'],
        'level':    'DEBUG',
    },
}

FastAPI / Flask

from fastapi import FastAPI
import lognest, logging

# Add at top of main.py — done
lognest.setup(service='fastapi-app')
logger = logging.getLogger(__name__)

app = FastAPI()

@app.get('/checkout')
async def checkout(order_id: str):
    logger.info(f'Processing order {order_id}')
    # ... your existing code unchanged
    logger.error('Payment gateway timeout')

Manual handler (more control)

from lognest import LogNestHandler
import logging

handler = LogNestHandler(
    service='my-service',
    url='http://localhost:9000/logs',
)
handler.setLevel(logging.WARNING)  # only WARN+
logging.getLogger().addHandler(handler)

Python 3.7+ stdlib only — zero deps Thread-safe async Django · Flask · FastAPI

curl — test instantly

curl -X POST http://localhost:9000/logs \
  -H "Content-Type: application/json" \
  -d '{
    "level":    "ERROR",
    "service":  "payment-service",
    "message":  "Null pointer at PaymentController:42",
    "trace_id": "abc-123",
    "timestamp": 1710000000000,
    "metadata": {
      "userId":  "u1",
      "orderId": "o99"
    }
  }'

All fields except level, service, message are optional. timestamp defaults to current time if omitted.

payload := map[string]interface{}{
    "level":   "ERROR",
    "service": "go-service",
    "message": err.Error(),
}
data, _ := json.Marshal(payload)
http.Post(
    "http://localhost:9000/logs",
    "application/json",
    bytes.NewBuffer(data),
)

Ruby

require 'net/http'
require 'json'

uri = URI('http://localhost:9000/logs')
Net::HTTP.post(
  uri,
  { level: 'ERROR', service: 'rails-app',
    message: e.message }.to_json,
  'Content-Type' => 'application/json'
)

PHP

$ch = curl_init('http://localhost:9000/logs');
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([
    'level'   => 'ERROR',
    'service' => 'php-app',
    'message' => $e->getMessage(),
]));
curl_setopt($ch, CURLOPT_HTTPHEADER,
    ['Content-Type: application/json']);
curl_exec($ch);

Request body fields

Field	Type	Required
level	string	Yes
service	string	Yes
message	string	Yes
timestamp	long (ms)	No
trace_id	string	No
metadata	JSON object	No

FAQ

Common questions

Does LogNest send any data to the cloud?

No. LogNest runs entirely on your machine. All log data is stored locally in a SQLite file. No telemetry, no analytics, no data ever leaves your computer.

Do I need Java installed to run LogNest?

Yes, Java 17 or higher must be installed on your machine — the installer does not bundle a JRE. Most developer machines already have Java. Check with java -version. Download from adoptium.net if needed.

How do I install the Java Spring Boot starter?

Run mvn install in the clients/java directory included with LogNest. This installs the starter to your local Maven repository. Then add the <dependency> to your project's pom.xml and set lognest.service=your-app in application.properties. That's all.

Will LogNest being down crash my application?

No. All client libraries send logs asynchronously with a 2-second timeout and silently swallow errors. If LogNest is unreachable, your app continues running normally and simply skips sending those logs.

How do I receive my license key?

Email contact@lognest.dev with your plan. You'll receive a license key like LN-PRO-20281231-A3F8B2C1-9D4E7F2A within 24 hours. Paste it in Settings → License inside the app. Features activate instantly.

Can I use one license key on multiple machines?

Yes — each license key can be activated on up to 3 machines for personal use. Need more seats? Contact us for a team license.

What happens when my license expires?

The app reverts to Free tier — your log data is never deleted. Purchase a new key to re-enable paid features. Keys include the expiry date in the key itself and are verified offline.

Is there a refund policy?

Yes — 14-day money-back guarantee, no questions asked. Email contact@lognest.dev.

Can I use LogNest with non-Java/Node/Python languages?

Yes. Any language that can make an HTTP POST request works — Go, Ruby, PHP, Rust, .NET, etc. The API is a plain JSON REST endpoint. See the curl tab in the Integration section for the request format.

What is the Enterprise Log Agent and when do I need it?

The agent (lognest-agent.py) is for apps you can't modify — legacy services, third-party binaries, Docker containers, nginx, syslog, etc. Instead of adding a library to your code, you either tail a log file (tail mode) or pipe the process output (pipe mode) and the agent forwards every line to LogNest automatically. It auto-detects the log level from each line. Requires Enterprise license.

How does the agent detect the log level from unstructured text?

It scans each line (case-insensitive) for keywords: FATAL / CRITICAL / ERROR / EXCEPTION → ERROR; WARN → WARN; DEBUG / TRACE → DEBUG; INFO → INFO. If no keyword matches, it defaults to INFO. You can also force a fixed level with --level ERROR.

Enterprise

Unstructured Log Agent

Forward any log file or process output to LogNest — no code changes, no HTTP client needed. Works with legacy apps, Docker, nginx, syslog, and anything else.

⬇ Download Agent (.zip)Python 3 · stdlib only · zero dependencies · works on Mac, Linux, Raspberry Pi

1 Download the agent

clients/agent/lognest-agent.py

Included with LogNest. Zero dependencies — Python 3 stdlib only.

2 Tail any log file

python lognest-agent.py tail \
  --file /var/log/nginx/error.log \
  --service nginx

3 More examples

# Spring Boot rolling file
python lognest-agent.py tail \
  --file logs/app.log \
  --service spring-api

# Custom LogNest URL
python lognest-agent.py tail \
  --file app.log --service api \
  --url http://localhost:9000

How tail mode works

→ Starts at end of file — doesn't re-send old lines
→ Checks for new lines every 50ms
→ Auto-detects level: scans each line for ERROR / WARN / INFO / DEBUG keywords
→ 2-second POST timeout — agent never stalls if LogNest is slow
→ If license is not Enterprise, agent prints a clear error and exits

Any process via pipe

# Legacy app — forward stderr + stdout
./my-legacy-app 2>&1 | python lognest-agent.py pipe \
  --service legacy-app

# Docker container (live)
docker logs -f my-container | python lognest-agent.py pipe \
  --service my-container

# systemd journal
journalctl -f -u my-service | python lognest-agent.py pipe \
  --service my-service

# nginx access log via tail
tail -f /var/log/nginx/access.log | python lognest-agent.py pipe \
  --service nginx-access

Level auto-detection rules

Detected Level	Keywords scanned (case-insensitive)
ERROR	FATAL, CRITICAL, ERROR, EXCEPTION, SEVERE, TRACEBACK
WARN	WARN, WARNING
DEBUG	DEBUG, TRACE
INFO	INFO
INFO (default)	No keyword matched

You can override with --level WARN to force a fixed level for all lines.

POST /logs/raw — plain text endpoint

# Accepts plain text body. Level and service passed as query params.
curl -X POST "http://localhost:9000/logs/raw?service=nginx&level=ERROR" \
  --header "Content-Type: text/plain" \
  --data-binary "2024-01-15 10:23:41 [ERROR] upstream timed out (110) while reading..."

# Level is auto-detected from body text if not provided
curl -X POST "http://localhost:9000/logs/raw?service=my-app" \
  --header "Content-Type: text/plain" \
  --data-binary "WARN: High memory usage detected, used=89%"

Query parameters

Param	Required	Description
service	Yes	Service name shown in LogNest
level	No	Force log level (ERROR/WARN/INFO/DEBUG). If omitted, auto-detected from body text.

Returns {"id": 42, "status": "ok"} on success. Returns 403 if license is not Enterprise.

Dashboard Guide

Everything in the UI explained

Open LogNest at http://localhost:3000 after starting the app.

📋

Logs Tab — main table

The default view. Shows all ingested logs with columns: Time, Level (color-coded), Service, Message. Newest logs at the top.

Click any row to open the full detail panel — shows complete message, trace ID, and pretty-printed metadata JSON.

🔍

Filters bar

Three filters applied simultaneously: Level dropdown (ERROR / WARN / INFO / DEBUG / TRACE), Service text input, and Search for message text.

Filters are applied on every keystroke — no need to press Enter.

📡

Live button — real-time streaming

Toggle the Live button to start a Server-Sent Events stream. New logs from your app appear instantly without refreshing.

Works like tail -f. New logs stack at the top up to 500 entries while Live is on.

📊

Charts Tab Pro+

Line chart showing log counts per level over time. Choose window (15 min → 24 hours) and bucket size (1 min, 5 min, 15 min). Auto-refreshes every 30 seconds.

Use this to spot error spikes during a release or load test.

⚙️

Settings Tab

Three panels: License (enter your key to unlock features), Saved Presets (save filter combos for one-click reuse), Alert Rules (define error rate thresholds).

Presets let you save things like "payment errors" = level:ERROR + service:payment-service.

❓

Help & Pricing Tab

In-app documentation: quick start steps, Java/Node/Python code examples, full API reference, and pricing table with license activation instructions.

Always available offline — no internet needed to read the docs.

📁

Export Starter+

The CSV and JSON buttons in the header export all currently filtered logs. Respects the active level/service/search filters.

Export then open in Excel, share with teammates, or import into another tool.

🔔

Alert Notifications Pro+

When an alert rule fires (e.g. ≥10 ERRORs in 5 minutes), a toast notification appears in the bottom-right corner of the dashboard automatically.

Alerts check every 60 seconds. Each alert won't re-fire within the same time window.

Raspberry Pi & Edge Devices

Stream Pi logs to your dev machine

LogNest runs on your Mac or Windows machine. Your Pi sends logs to it over your local network — no internet, no cloud, no data leaving your lab.

How it works

Raspberry Pi (your app + lognest-python/node) ──── HTTP POST ────→ 192.168.x.x:9000 ────→ LogNest on your Mac/PC

Both devices must be on the same local network (WiFi/Ethernet). No internet needed.

Find your dev machine's local IP

macOS

ifconfig en0 | grep "inet "
# → inet 192.168.1.100 netmask ...

Windows

ipconfig
# → IPv4 Address: 192.168.1.100

Install the client library on your Pi

pip install lognest      # Python (recommended — Pi has Python built-in)
npm install lognest      # Node.js

Point the client at your dev machine

Python

import lognest

lognest.setup(
    service='pi-sensor',
    url='http://192.168.1.100:9000/logs'
)

import logging
log = logging.getLogger(__name__)
log.info("Pi started")
log.error("Sensor read failed")

Node.js

const LogNest = require('lognest')

const log = new LogNest({
  service: 'pi-app',
  url: 'http://192.168.1.100:9000/logs'
})

log.info('Pi started')
log.error('Sensor read failed')

Tip: set LOGLITE_URL=http://192.168.1.100:9000/logs as an environment variable and skip the url argument entirely — no code changes needed.

Enterprise: tail any Pi log file without code changes

# Copy lognest-agent.py to your Pi, then run:
python lognest-agent.py tail /var/log/myapp.log \
  --service pi-system \
  --url http://192.168.1.100:9000/logs

# Or pipe any process output directly:
journalctl -f | python lognest-agent.py pipe \
  --service pi-journal \
  --url http://192.168.1.100:9000/logs

No code changes to your Pi app. Works with any existing log file, systemd journal, or process output. Requires Enterprise license.

Port 9000 blocked? Fix it here.

If your Pi can't reach LogNest, your machine's firewall is likely blocking port 9000. Follow the steps for your OS:

macOS — System Settings firewall

# Option 1: Allow the Java process through the macOS app firewall
sudo /usr/libexec/ApplicationFirewall/socketfilterfw \
  --add $(which java)
sudo /usr/libexec/ApplicationFirewall/socketfilterfw \
  --unblockapp $(which java)

# Option 2: Open port 9000 via pf (packet filter)
echo "pass in proto tcp from any to any port 9000" \
  | sudo pfctl -ef -

# Option 3 (quickest during dev): turn off the app firewall temporarily
# System Settings → Network → Firewall → turn off

After allowing, test from the Pi: curl http://192.168.1.100:9000/logs/ping — should return 200 OK.

Windows — Windows Defender Firewall

# Run PowerShell as Administrator:
New-NetFirewallRule `
  -DisplayName "LogNest port 9000" `
  -Direction Inbound `
  -Protocol TCP `
  -LocalPort 9000 `
  -Action Allow

Or: Control Panel → Windows Defender Firewall → Advanced Settings → Inbound Rules → New Rule → Port → TCP 9000 → Allow.

Linux (dev machine on Linux)

# ufw
sudo ufw allow 9000/tcp
sudo ufw reload

# iptables
sudo iptables -A INPUT -p tcp --dport 9000 -j ACCEPT

Still not connecting? Quick checklist

✓ Both Pi and dev machine are on the same WiFi/LAN — not a guest network or different subnet

✓ LogNest backend is running — open http://localhost:9000 in your browser to confirm

✓ The IP you're using is your machine's LAN IP (192.168.x.x), not 127.0.0.1

✓ Test reachability from the Pi: ping 192.168.1.100 then curl http://192.168.1.100:9000/logs/ping

✓ Some routers have AP isolation enabled — this blocks device-to-device traffic on the same WiFi. Check your router settings and disable it.

API Reference

Full REST API

Base URL: http://localhost:9000

Method	Endpoint	Description	Plan
POST	/logs	Ingest a log entry. Body: `level`, `service`, `message` (required) + `timestamp`, `trace_id`, `metadata` (optional)	Free
GET	/logs	Query logs. Params: `level` `service` `search` `from` `to` `limit` (default 100)	Free
GET	/logs/stream	Server-Sent Events stream. Emits `log` events for new logs and `alert` events when alert rules fire.	Free
DELETE	/logs	Delete all stored logs.	Free
GET	/logs/export	Download logs as file. Params: `format=csv\|json`, same filters as GET /logs.	Starter+
GET	/settings	Get current app settings. Returns `sessionClear` (bool) and `sessionClearEnabled` (bool based on license).	Free
POST	/settings	Update app settings. Body: `{"sessionClear": true}`. Clears all logs on next startup when enabled.	Starter+
GET/POST/DELETE	/presets	Saved filter presets. POST body: `name`, `level`, `service`, `search`.	Starter+
GET	/analytics/stats	Error counts by time bucket. Params: `windowMinutes` (default 60), `bucketMinutes` (default 5).	Pro+
GET/POST/PUT/DELETE	/alerts	Alert rules. POST body: `name`, `level`, `thresholdCount`, `windowMinutes`, `enabled`.	Pro+
POST	/logs/raw	Ingest plain text log line. Params: `service` (required), `level` (optional — auto-detected from body if omitted). Body: plain text.	Enterprise
GET	/license	Returns current tier and feature flags: `tier`, `logLimit`, `exportEnabled`, `chartsEnabled`, `alertsEnabled`, etc.	Free
POST	/license/activate	Activate a license key. Body: `{"key": "LN-PRO-20281231-XXXXXXXX"}`. Returns `success` and `tier`.	Free

Example responses

// POST /logs → 200
{ "id": 42, "status": "ok" }

// GET /logs?level=ERROR&limit=2
[
  {
    "id": 42,
    "timestamp": 1710000000000,
    "level": "ERROR",
    "service": "payment-service",
    "message": "NPE at PaymentController:42",
    "traceId": "abc-123",
    "metadata": { "userId": "u1" }
  }
]

// GET /license
{
  "tier":           "PRO",
  "logLimit":       100000,
  "retentionDays":  90,
  "exportEnabled":  true,
  "chartsEnabled":  true,
  "alertsEnabled":  true,
  "presetsEnabled": true
}

// POST /license/activate
{ "success": true, "tier": "PRO" }

Debug logs faster.
Without leaving your machine.

Start debugging smarter today.

Email us your plan

Receive your license key

Open Settings in LogNest

Paste your key & click Activate

Features unlock instantly

Debug logs faster.Without leaving your machine.