| description | allowed-tools | argument-hint |
|---|---|---|
Query service logs from Loki using logcli |
Bash(logcli *) |
[ --env=dev|prod ] [ filter description ] |
Query service logs from Loki using logcli.
--env=dev(default): Development platform logs--env=prod: Production platform logs
Password is cached in macOS Keychain (service: some-service-loki-password).
The SessionStart hook auto-populates it from 1Password on first run (one Touch ID).
To refresh manually, use /service:logs:refresh.
logcli query '{service_name="some-service"}' \
--addr="https://loki.some-service.dev" \
--username="user" \
--password="$(security find-generic-password -a "$USER" -s some-service-loki-password -w)" \
--org-id="common" \
--limit=100 \
--since=1hlogcli query '{service_name="some-service"}' \
--addr="https://loki.some-service.dev" \
--username="user" \
--password="$(security find-generic-password -a "$USER" -s some-service-loki-password -w)" \
--org-id="common" \
--limit=100 \
--since=1h| Option | Description |
|---|---|
--since=15m |
Last 15 minutes |
--since=1h |
Last hour |
--since=6h |
Last 6 hours |
--since=24h |
Last 24 hours |
--from="2025-02-05T10:00:00Z" --to="2025-02-05T12:00:00Z" |
Absolute range |
| Option | Description |
|---|---|
--output=raw |
Log lines only (no timestamps/labels) |
--output=jsonl |
JSON format |
--quiet |
Suppress metadata |
--limit=N |
Max entries (0 = unlimited) |
| Operator | Description | Example |
|---|---|---|
|= |
Contains | |= "error" |
|~ |
Regex match | |~ "error|warning" |
!= |
Not contains | != "debug" |
!~ |
Not regex | !~ "health" |
/service:logs:setup- Install and configure logcli