Skip to content

cli compression for agentic pipelines

smaller logs. cleaner agents.

LogStrip - log compression CLI for AI agents.

A zero-dependency CLI that turns chaotic server logs, build pipelines, scanner reports, and container workloads into compact, high-signal context that AI agents can actually reason about - secrets masked, JSON kept valid, output trimmed to your token budget.

npm version npm downloads per month
raw.log → logstrip.log
[INFO] boot ok
[ERROR] request 123e4567-e89b-12d3-a456-426614174000 failed
[ERROR] request 987e6543-e21b-42d3-b456-526614174111 failed
[x2] [ERROR] request [ID] failed

705+ detected ecosystems

your stack, covered

Trivy Snyk Semgrep nginx PostgreSQL Redis AWS Lambda Datadog Sentry Docker Kubernetes Terraform Kafka Elasticsearch OpenTelemetry Prometheus Grafana GitHub Actions GitLab CI Cloudflare Spring Boot Django Express Next.js Jenkins Helm MongoDB Vitest Jest Pytest Playwright npm Cargo Gradle Webpack Fastify NestJS React Native Flutter Vercel Argo Go test pnpm Cypress Bun Maven Electron Bazel Tekton yarn

view all 705+ sources → · add your own

npm i -g logstrip

one install away

Installs one CLI: logstrip. Zero runtime dependencies on the hot path.

stream

gigabyte-safe

Built on Node streams and readline, so multi-gigabyte logs never have to fit in memory.

100/100

coverage gate

Statement, branch, function, and line coverage are pinned to 100% across the parser, CLI, and Action.

unix

pipe-native

cat raw.log | logstrip > clean.log. Stats on stderr, JSON on stdout (with --output), exit codes 0/1/2.

--max-tokens

fits any context window

Budget mode keeps the highest-scoring lines under a hard token cap, so output always fits the context you have left.

[REDACTED]

safe to paste

Stripe, AWS, GitHub, JWT and PEM credentials are masked - with a Shannon-entropy fallback for tokens no vendor pattern knows.

hybrid context engine

advanced detection, not regex-only filtering

LogStrip scores each sanitized line, keeps nearby context, dampens repeated spam, folds near-identical diagnostics with volatile values, prunes downstream cascades, and hides internal framework frames: compact incident narrative, not a noisy transcript. In the default auto mode every booster below runs automatically - no flags required.

01Score signals from log level, JSON severity, container failures, scanner findings, package managers, diagnostic keywords (including non-English and CJK terms), and stack frames.

02Promote context with a before/after window so setup lines near the failure survive even when they are not errors themselves - sized adaptively by error density in auto mode (wider for isolated errors, tighter for clustered ones).

03Dampen repeats with TF-IDF-style frequency tracking, then fold adjacent diagnostic variants - and repeated multi-line stack windows - into [xN] summaries.

04Summarize deltas by listing only differing key=value values when repeated events share the same shape, including enumerated instance counters like worker [1 | 2 | 3].

05Prune cascades by dropping downstream restatements (aborting due to previous errors, skipped because the upstream job failed) so the originating failure stands out.

06Collapse internals by replacing low-value framework/runtime stack frames with one marker while preserving app frames.

07Detect sources and format across 700+ ecosystems with a single-pass Aho-Corasick automaton, majority-vote the dominant format over the first 50 lines, and re-elect it when the stream drifts mid-log so agents always know what they are reading.

08Mask secrets with vendor patterns (Stripe, AWS, GitHub, npm, JWT, PEM blocks) plus a Shannon-entropy fallback, so unknown credentials still leave as [REDACTED] before the log ever reaches an LLM.

09Compress JSON reports by detecting structured documents (test reports, scanner exports) and re-shaping them semantically - repeated entries grouped, duplicate fields referenced, empty fields pruned - while the output stays valid JSON.

10Fit the token budget with --max-tokens N: output is trimmed to the highest-scoring lines, so even a multi-gigabyte incident log fits whatever context window is left.

why LogStrip exists

DevOps, SysOps, and GitOps teams often paste entire raw logs into AI agents during incident response. LLMs are bad at high-noise dumps. LogStrip eases that pain and reduces token costs.

problem

too much noise

Raw logs mix signal with thousands of low-value lines and repeated frames.

impact

weaker ai answers

Large noisy prompts dilute root-cause context and inflate LLM spend.

outcome

compact signal

LogStrip produces deterministic, AI-ready logs that are cheaper to analyze.

why teams keep it in every pipeline

ops-firstBuilt for incident workflows where raw logs hit AI assistants under pressure.

700+Automatic source awareness across CI, runtimes, scanners, infra, and cloud logs.

deterministicSnapshot-tested output, fixtures spanning CI, runtimes, scanners and crashes, locked behind a 100/100/100/100 coverage gate.

cheaper promptsLower token usage per incident while keeping root-cause context intact.

plugins that auto-intercept raw log pastes in every listed agent
install for your agent

cli in one line

npx -y logstrip raw.log -o clean.log --stats

Writes the compressed log to clean.log and a stats block to stderr. Stdin/stdout, file I/O, JSON reports and a GitHub Action wrapper are all covered in Getting Started.

next steps