cli compression for agentic pipelines
smaller logs. cleaner agents.¶
LogStrip - log compression CLI for AI agents.
A zero-dependency CLI that turns chaotic server logs, build pipelines, scanner reports, and container workloads into compact, high-signal context that AI agents can actually reason about - secrets masked, JSON kept valid, output trimmed to your token budget.
[INFO] boot ok [ERROR] request 123e4567-e89b-12d3-a456-426614174000 failed [ERROR] request 987e6543-e21b-42d3-b456-526614174111 failed
[x2] [ERROR] request [ID] failed
705+ detected ecosystems
your stack, covered¶
Trivy Snyk Semgrep nginx PostgreSQL Redis AWS Lambda Datadog Sentry Docker Kubernetes Terraform Kafka Elasticsearch OpenTelemetry Prometheus Grafana GitHub Actions GitLab CI Cloudflare Spring Boot Django Express Next.js Jenkins Helm MongoDB Vitest Jest Pytest Playwright npm Cargo Gradle Webpack Fastify NestJS React Native Flutter Vercel Argo Go test pnpm Cypress Bun Maven Electron Bazel Tekton yarn
npm i -g logstrip
one install away¶
Installs one CLI: logstrip. Zero runtime dependencies on the hot path.
stream
gigabyte-safe¶
Built on Node streams and readline, so multi-gigabyte logs never have to fit in memory.
100/100
coverage gate¶
Statement, branch, function, and line coverage are pinned to 100% across the parser, CLI, and Action.
unix
pipe-native¶
cat raw.log | logstrip > clean.log. Stats on stderr, JSON on stdout (with --output), exit codes 0/1/2.
--max-tokens
fits any context window¶
Budget mode keeps the highest-scoring lines under a hard token cap, so output always fits the context you have left.
[REDACTED]
safe to paste¶
Stripe, AWS, GitHub, JWT and PEM credentials are masked - with a Shannon-entropy fallback for tokens no vendor pattern knows.
hybrid context engine
advanced detection, not regex-only filtering¶
LogStrip scores each sanitized line, keeps nearby context, dampens repeated spam, folds near-identical diagnostics with volatile values, prunes downstream cascades, and hides internal framework frames: compact incident narrative, not a noisy transcript. In the default auto mode every booster below runs automatically - no flags required.
01Score signals from log level, JSON severity, container failures, scanner findings, package managers, diagnostic keywords (including non-English and CJK terms), and stack frames.
02Promote context with a before/after window so setup lines near the failure survive even when they are not errors themselves - sized adaptively by error density in auto mode (wider for isolated errors, tighter for clustered ones).
03Dampen repeats with TF-IDF-style frequency tracking, then fold adjacent diagnostic variants - and repeated multi-line stack windows - into [xN] summaries.
04Summarize deltas by listing only differing key=value values when repeated events share the same shape, including enumerated instance counters like worker [1 | 2 | 3].
05Prune cascades by dropping downstream restatements (aborting due to previous errors, skipped because the upstream job failed) so the originating failure stands out.
06Collapse internals by replacing low-value framework/runtime stack frames with one marker while preserving app frames.
07Detect sources and format across 700+ ecosystems with a single-pass Aho-Corasick automaton, majority-vote the dominant format over the first 50 lines, and re-elect it when the stream drifts mid-log so agents always know what they are reading.
08Mask secrets with vendor patterns (Stripe, AWS, GitHub, npm, JWT, PEM blocks) plus a Shannon-entropy fallback, so unknown credentials still leave as [REDACTED] before the log ever reaches an LLM.
09Compress JSON reports by detecting structured documents (test reports, scanner exports) and re-shaping them semantically - repeated entries grouped, duplicate fields referenced, empty fields pruned - while the output stays valid JSON.
10Fit the token budget with --max-tokens N: output is trimmed to the highest-scoring lines, so even a multi-gigabyte incident log fits whatever context window is left.
why LogStrip exists¶
DevOps, SysOps, and GitOps teams often paste entire raw logs into AI agents during incident response. LLMs are bad at high-noise dumps. LogStrip eases that pain and reduces token costs.
why teams keep it in every pipeline¶
ops-firstBuilt for incident workflows where raw logs hit AI assistants under pressure.
700+Automatic source awareness across CI, runtimes, scanners, infra, and cloud logs.
deterministicSnapshot-tested output, fixtures spanning CI, runtimes, scanners and crashes, locked behind a 100/100/100/100 coverage gate.
cheaper promptsLower token usage per incident while keeping root-cause context intact.
cli in one line¶
Writes the compressed log to clean.log and a stats block to stderr. Stdin/stdout, file I/O, JSON reports and a GitHub Action wrapper are all covered in Getting Started.
next steps¶
- Getting Started - install, pipe, script
- CLI Reference - every flag and exit code
- Core TypeScript API - embed the parser
- GitHub Action - optional workflow wrapper
- Plugin Installation - Claude, Copilot, Cursor, Codex, Droid, OpenCode
- Workflow Examples - real CI recipes


