Use search bar to search indexed logs and raw logs by entering the query string in search. A query string is a logical combination of words, phrases, or field values. Type a query string or build it to aggregate different values in the search result and display the result in a graphical format. If you have enabled Data Privacy Module, you won’t be able to view the raw logs. Click the search bar to view History, Saved Searches, Vendor Searches, and Labels.
Press Shift + Enter to add a new line and enter multiple queries in multiple lines. The search bar can expand vertically up to 15 lines. After that, a scroll bar appears to the right.
Multi-line Query¶
Logpoint auto-suggests keywords are based on the query you enter. It can also display a detailed and dynamic search help when entering a query in the search bar if you enable it. To enable, go to User >> My Preferences, click User Interface. For more details, go to Search Help.
Each repository collects and stores logs for a pre-defined period. To search logs from a specific repository, click the dropdown on the right. By default, Logpoint searches from all repositories. This could affect the performance, so we recommend to only select the repos to search.
The repos are grouped either by Distributed Logpoints (DLP) or by Repo. Click Change to select the repos in a group.
Time range can be added to search, using the “Last x time-range” format, or by selecting a custom time range of Last 1 hour, Last 6 hours, Last 7 days from the dropdown. The default time is last 10 minutes.
Search Wizard allows you to build a simple search query.
In the navigation bar, click Search.
In the search bar, click Use wizard.
Enter words/phrases to add on your search.
Enter the words/phrases to exclude from search.
Search Wizard¶
Click Continue. Click Search Now to search for the logs using the created query.
Select Visualization. It is the graphical representation of data based on selected aggregation functions, fields, and grouping criteria.
Chart or Timechart
Select a Aggregation function and a Field.
Click Add to add multiple aggregation functions and fields. The aggregators are listed under AGGREGATIONS.
Click Continue.
Select fields in Group The Result.
Click Search Now.
Latest
Select the fields in Group The Latest Result By.
Click Search Now.
Selected Fields
Select the fields in Select The Fields To Watch.
Click Search Now.