Command Overview
beacon endpoint tokens reads Beacon endpoint events from the runtime JSONL log and summarizes token usage, cost, models, sessions, runs, harnesses, and repositories.
Command syntax
Examples
Show token usage from the default per-user endpoint log:Show local token usage
Print JSON
Filter by session
Bucket usage over time
Inspect a CI run
Filters
Filters can be combined to narrow the report to a time range, model, agent harness, repository, session, or CI run.| Flag | Description |
|---|---|
--since <timestamp> | Only include events at or after this RFC3339 timestamp |
--until <timestamp> | Only include events at or before this RFC3339 timestamp |
--session <id> | Filter to one session and include per-step detail |
--model <name> | Filter by model name |
--harness <name> | Filter by harness name |
--repository <path-or-url> | Filter by repository |
--run-id <id> | Filter by CI run ID. Bare run IDs and composite provider/run keys are accepted |
--bucket <duration> | Time-series bucket size, such as 1h or 15m |
--top <count> | Limit each grouping to the top N entries. 0 keeps all entries |
Runtime Log Selection
By default, the command reads the per-user endpoint runtime log. Use--system for a system-mode endpoint, or --log-path when reading a copied runtime log or a CI session artifact.
| Flag | Description |
|---|---|
--user | Use per-user endpoint paths. Enabled by default |
--system | Use system endpoint paths |
--log-path <path> | Runtime JSONL log path. In CI, point this at the session log |
--json | Print the token usage report as JSON |
Related
Endpoint dashboard
Explore endpoint runtime logs locally in a browser.
Endpoint inventory
See configured, detected, hook, and observed endpoint inventory.