You can search for and filter log events in the
Explore Logs page by using queries. You can use fields in your search criteria for efficient log monitoring. You can also save queries, clone queries and modify them, compare query results from multiple systems, share queries and their results with other users, and pin queries to the pinboard.
Search for and Filter Logs You can search for and filter log events in the Explore Logs page by entering queries in the search text box.
Group Logs During Search While searching for log events, you can group log events by multiple fields and see a time-series or non time-series visualization.
Perform Numerical Functions on Log Results You can perform numerical functions on your log results to view the count of events, unique count of field names, and so on.
View the Context of a Log You can view the context of a log event and browse the log events that arrived before and after it. If you want to know more about the status of your environment before and after an event, you can check the surrounding events.
Chart Types for Logs In the Explore Logs page, you can select different chart types to change the way the data is displayed in the chart under the query.
Event Types vRealize Log Insight Cloud summarizes a large number of individual events into a smaller number of broad event types. The system uses machine learning to group similar events together, with each group showing the approximate number of events in the group. Grouping events helps identify the most communicative events and the most quiet ones, both of which are critical for troubleshooting.
Event Trends vRealize Log Insight Cloud groups similar events into event types. You can use event trends to observe the current progression of each event type as compared to a previous time.
Fields in vRealize Log Insight Cloud In a large environment with numerous log events, you cannot always locate the data fields that are important to you. vRealize Log Insight Cloud supports the creation of fields to use in queries and filters to address this concern. Fields are a powerful way to add structure to unstructured events and allow the manipulation of both the textual and visual representation of data.
Working with Queries You can save a query to view it later, share a query with other users, and clone a saved query.
Examples of Search Queries You can use these examples when building your queries in the Explore Logs page. The logs for the last five minutes are displayed by default. vRealize Log Insight Cloud indexes complete, alphanumeric, hyphen, and underscore characters.
Export Logs You might have to share entire or partial logs with users in your organization or another organization. To share logs, you can export the results of a query in RAW or JSON format. You can download these logs to a file and share the file with other users.
Compare Logs While troubleshooting, you might have to analyze logs from multiple systems that interact with each other. For a specific time interval, you can run multiple queries with different query criteria to search for logs from various systems, and compare the logs.
Pin Queries to the Pinboard You can pin queries and view them in the pinboard. Pinning helps you temporarily recall queries that have been executed and also lets you compare two or more queries