search
ControlTheory Website

Quick Start

Get up and running with Gonzo in under 5 minutes! This tutorial will walk you through your first log analysis session.

circle-info

Prerequisites: Make sure you have Gonzo installed. If not, check the Installation Guide first.

hashtag
Your First Log Analysis

Let's start with a simple example using sample log data.

hashtag
Step 1: Create Sample Logs

First, let's create some sample log data to analyze:

# Create a sample JSON log file
cat > sample.log << EOF
{"timestamp":"2024-01-15T10:30:00Z","level":"info","service":"web-api","message":"User login successful","user_id":"12345"}
{"timestamp":"2024-01-15T10:30:05Z","level":"error","service":"web-api","message":"Database connection failed","error":"timeout after 30s"}
{"timestamp":"2024-01-15T10:30:10Z","level":"warn","service":"auth","message":"Rate limit exceeded","ip":"192.168.1.100"}
{"timestamp":"2024-01-15T10:30:15Z","level":"info","service":"web-api","message":"User logout","user_id":"12345"}
{"timestamp":"2024-01-15T10:30:20Z","level":"error","service":"database","message":"Query execution failed","query":"SELECT * FROM users","error":"connection refused"}
EOF
circle-info

hashtag
Gonzo now supports native Kubernetes integration and can connect directly to your cluster using your kubeconfig using "gonzo --k8s-enabled=true". See here for more.

hashtag
Step 2: Launch Gonzo

Now let's analyze these logs with Gonzo:

🎉 Gonzo will launch with a beautiful terminal interface!

hashtag
Understanding the Interface

When Gonzo opens, you'll see a 5-panel layout inspired by k9s:

hashtag
Panel Overview

Panel
Description
What You'll See

Word Frequency (top-left)

Most common words

Keywords ranked by frequency

Top Attributes (top-right)

Metadata auto-detected in structured logs

Attributes detected in log message, e.g. in OTel format, or JSON format detected logs

Top Detected Patterns (middle-left)

Log patterns by frequency/volume

Top patterns in log message/body (using Drain3 algorithm)

Log Counts by Severity Over Time (middle-right)

Logs counts over time

Severity distribution, patterns, time series

Log Viewer (bottom)

Live feed of log entries

Colored by severity (red=error, yellow=warn, etc.)

hashtag
Basic Navigation

Let's explore the interface:

hashtag
Essential Keyboard Shortcuts

Key
Action
Try This

Tab / Shift+Tab

Switch between panels

Navigate around the 2x2 grid

↑/↓ or k/j

Move up/down in lists

Navigate through log entries

Enter

View details

Press on a log entry or the Counts panel

Space

Pause/unpause dashboard

Freeze the display to examine data

/

Enter filter mode

Type regex patterns to filter logs

s

Search/highlight

Search and highlight text in logs

f

Enter full screen log viewer

Fill your terminal with full screen log viewer

Escape

Close modal/exit filter mode

Close modal/exit filter mode

q

Quit Gonzo

Exit the application

?/h

Show help

Show help

hashtag
Try These Actions

  1. Navigate panels: Press Tab to move between the five panels

  2. Examine logs: Use arrow keys in the Log Viewer to browse entries

  3. View details: Press Enter on a log entry to see full details

  4. Explore analytics: Press Enter on the Counts panel for deep analysis

hashtag
Filtering Your Logs

One of Gonzo's most powerful features is real-time filtering (regex supported):

hashtag
Basic Filtering

hashtag
Severity Filtering

Gonzo automatically detects and color-codes log levels:

  • 🔴 ERROR - Critical issues requiring attention

  • 🟡 WARN - Warnings and potential problems

  • 🔵 INFO - Informational messages

  • DEBUG - Detailed debugging information

hashtag
Real-Time Log Following

For live log analysis, use the --follow flag:

circle-check

Pro Tip: Use Space to pause the live feed when you need to examine something closely. The logs keep buffering in the background!

hashtag
Next Steps

Now that you've got the basics down, explore these features:

hashtag
🔍 Advanced Analysis

  • Press Enter on the Log Counts panel to see:

    • Time-series heatmaps

    • Top services by severity

    • Service distribution charts

    • 60-minute rolling window analysis

hashtag
🤖 AI-Powered Insights

Set up AI analysis (hosted or local models supported) for intelligent log insights:

hashtag
📊 Multiple Data Sources

Gonzo handles various input methods:

hashtag
Common Use Cases

Here are some real-world scenarios to try:

hashtag
Troubleshooting

Gonzo not starting?

  • Check that your terminal supports UTF-8

  • Verify log file permissions

  • Try with a simple test: echo "test" | gonzo

Colors not showing?

  • Ensure your terminal supports ANSI colors

  • Check if NO_COLOR environment variable is set

Performance issues?

  • Adjust buffer sizes: gonzo -f large.log --log-buffer=5000

  • Use filtering to reduce data volume

hashtag
What's Next?

Ready to dive deeper? Check out these guides:

  • Interface Overview - Detailed explanation of all panels and features

  • Log Input Methods - Files, stdin, OTLP, and more

  • AI Integration - Set up intelligent log analysis

  • Configuration - Customize Gonzo for your workflow

hashtag
Need Help?

hashtag
Learn More

Check out these practical guides:

Congratulations! 🎉 You've completed the Gonzo quick start. You now know how to analyze logs, navigate the interface, and use basic filtering. Time to explore your real log data!

PreviousInstallationNextBasic Usage

Last updated