Filter the Tail PiHole Log


I have many Clients in my Network. I was very pleased, if i could set a filter for one specified IP in the Tail PiHole log…


If this could be a regular expression, or as an option, that would save me tailing and grepping in shell all the time :wink:


YaY i am not alone :bananadance:


i’d love this, i use the tail log feature all the time, it might be my most-used pi-hole function. being able to filter it to one or multiple devices would be amazing.


the web interface already features this in the wuery log. if you are not able to use the query log due to the php iosseus try pihoe checkout dev and try the FTL branch


this is for the purpose of watching new requests in real time, not seeing past queries


Actually I added the Pi-hole tail log function a really long time ago to help me debugging stuff, but at some point I thought that others might want to have this as well and here we are: I was correct :slight_smile:

As you may or not have already seen in the code, this is merely a pure tail -f /var/log/pihole.log (a little more fancy than that) implementation, so I’m not sure where to apply the filtering.

If you insist on regular expressions the best way might be to implement it in the displaying browser using some JavaScript. What do you think?


That makes it easier (KISS = Keep It Simple Stupid!)
So we just need two dialog boxes, one for the search parameter and the other a tick box for if we want to use regex.
And just do a:

tail -f /var/log/pihole.log | grep -e REGEX

This is itching so am going to look into this if can do myself :wink:


Unfortunately it is not as easy as using tail -f in the command line, since I had to ensure that is also works over network connections that are not reliable (hence it was likely that the connection gets interrupted).

Have a look here for my actual implementation:

Initially, I ask for the position of the end of the file and then I only ask for updates and update the front end accordingly.

The regex could be applied on the PHP level (after calling fgets()), but then it would have to be validates/sanitized. A solution inside the clients browser still appears to be the simplest way.


I second this.

If you can’t filter the pihole.log, then would it be possible to add a live view feature to specific IP addresses? Instead of having to click on a specific IP to see it’s connections(successful and blocked) and then having to refresh the page to see new connections since, just make that page do a live view of the connections to that specific IP.