Tail/grep only one ip from pihole.log

is there any way to tail/grep only one ip from pihole.log?

Not as far as I know, but I use this solution to bring some detail in never ending stream of log entries.
After you've installed the required things, in baretail / Preferences / Highlighting, enter the IP address you want to see in color.
Setting up the authentication keys is described here, section 4.10

duckduckgo says there is a way:

tail -f /var/log/pihole.log | grep "<IP address you want to follow>"


@jpgpi250 thank you this works for me

This similar command lets you search your pihole logs (not a live tail) for the same information:

sudo grep "<IP address you want to follow>" /var/log/pihole.log for today's log

sudo grep "<IP address you want to follow>" /var/log/pihole.log.1 for yesterday's log

one more question how would you grep blocked only for one ip?

I don't think that is possible (NOT a Linux expert), the query and the answer are on different lines, only the query contains the IP address.

However, if you install this, you can do a database query

You can go to the long term data (Admin GUI > Long term data). Toggle the query status options to limit the information displayed to blocked only, and search in the date range you want. In the results page, search for that client.

here is reddit post you might want to follow. NO code yet (27/12/2018 - 12h00) but I assume it will be available soon.

thanks for informing me

This isn't perfect but I just put this together

#!/usr/bin/env python3

from colorama import Fore

log = open('/var/log/pihole.log', 'r')
search = input('Enter ip: ')

while True:
    for line in log:
        if 'query' in line and search in line:
            print(Fore.RESET + '-------------------------------------')
            print(Fore.GREEN + line)
            for line in log:
                if ('query' in line and search in line):
                    print(Fore.RESET + '-------------------------------------')
                elif 'query' in line and search not in line:
                elif 'forwarded' in line or 'reply' in line or 'cached' in line or 'NXDOMAIN' in line:
                    print(Fore.YELLOW + line)
                elif 'blocked' in line:
                    print(Fore.RED + line)