LogAn is an intelligent log analysis tool that extracts key insights for SREs/Support Engineers/Developers, to identify and diagnose ongoing issues from logs. It generates two reports: (1) Summary Report presents a table of the representative log lines — each with its predicted golden signals and fault categories — along with the frequency of its occurrence. By using this approach, we've found that the tool can reduce the data volume by up to 90%, since most log lines are informational. (2) Diagnosis Report presents a chronologically ordered set of relevant log windows with user-configurable granularity (e.g., 30s, 1m).
container.sh contains wrapper for building and running the LogAn as container.
bash container.sh build ## You can change ENV=docker/podman in the file
-
Execute
container.shas follows:bash container.sh run OUTPUT_DIR LOG_FILE_PATH TIME_RANGE(OPTIONAL) -ProcessLogFiles(OPTIONAL) -ProcessTxtFiles(OPTIONAL) -DebugMode(OPTIONAL)
- OUTPUT_DIR - The directory where the tool's reports are stored
- LOG_FILE_PATH - Folders/files separated by colon(:).
- TIME_RANGE - Run analysis only on log lines that fall in the time range determined by the latest date in the data (Allowed values: [1-6]-day, [1-3]-week, 1-month, all-data)
-ProcessLogFiles- Enable this to process .LOG files (found in folders). This will not affect .LOG files that you have provided explicitly.-ProcessTxtFiles- Enable this to process .TXT files (found in folders). This will not affect .TXT files that you have provided explicitly.-DebugMode- Enable this flag to store metadata generated during a job for troubleshooting
Example:
bash container.sh run ./tmp/output ./examples/Linux_2k.log all-data
In the above example:
./examples/Linux_2k.log- File./tmp/output- Directory
# Setup venv
uv venv
source .venv/bin/activate
uv pip install torch==2.8.0 --index-url https://download.pytorch.org/whl/cpu
uv pip install -r requirements.txt
# Run Log Analysis
export OUTPUT_DIR="./tmp/output"
uv run python run_log_diagnosis.py \
--input_files "./examples/Linux_2k.log" \
--output_dir "$OUTPUT_DIR" \
--model-name "cross-encoder/nli-MiniLM2-L6-H768"
uv run python -m http.server 8000 --directory "${OUTPUT_DIR}"
# server should be available at http://localhost:8000/log_diagnosisIf you use LogAn for publication, please cite the following research papers:
-
Pranjal Gupta, Karan Bhukar, Harshit Kumar, Seema Nagar, Prateeti Mohapatra, and Debanjana Kar. 2025. Scalable and Efficient Large-Scale Log Analysis with LLMs: An IT Software Support Case Study. AAAI, 2026.
-
Pranjal Gupta, Karan Bhukar, Harshit Kumar, Seema Nagar, Prateeti Mohapatra, and Debanjana Kar. 2025. LogAn: An LLM-Based Log Analytics Tool with Causal Inferencing. ICPE, 2025.
-
Pranjal Gupta, Harshit Kumar, Debanjana Kar, Karan Bhukar, Pooja Aggarwal and Prateeti Mohapatra.2023 Learning Representations on Logs for AIOps. IEEE CLOUD, 2023.
This project was originally developed by IBM Research and is actively supported and maintained by Red Hat.
- Pranjal Gupta
- Harshit Kumar
- Prateeti Mohapatra
- Pradeep Surisetty
- Pravin Satpute
- Rahul Shetty
- Jan Hutar
- Nikhil Jain
We welcome contributions from the community!