Use search bar to search the indexed logs by entering the query string in the search field. A Query String is a logical combination of words, phrases, or field values. Type a query string or build it to aggregate different values in the search result and display the result in a graphical format. In the Data Privacy Module enabled systems, you won’t be able to view the raw logs.
Click on the search bar to view History, Saved Searches, Vendor Searches, and Labels.
Press Shift + Enter to add a new line and enter multiple queries in multiple lines. The search bar can expand vertically up to 15 lines. After that, a scroll bar appears to the right.
Multi-line Query¶
Logpoint auto-suggests keywords based on the query you enter. It can also display a detailed and dynamic search help when entering a query in the search bar if you enable it. To enable Search Help, go to User >> My Preferences, click User Interface and select the options you want. For more details, go to Search Help.
Each repository collects and stores logs for a pre-defined period. To search logs from a specific repository, click the dropdown on the right. By default, Logpoint searches from all repositories. We recommend to only select the repos you want to search. If you search through all repos that could affect performance.
The repos are grouped either by Distributed Logpoints (DLP) or by Repo. Click Change to select the repos in a group.
Time range can be added to search, using the “Last x time-range” format, or by selecting a custom time range of Last 1 hour, Last 6 hours, Last 7 days from the dropdown. The default time is last 10 minutes.
Use Use wizard to build a simple search query.
To use Use wizard:
In the navigation bar, click Use wizard.
Search Wizard¶
Enter words/phrases to contain on your search.
Enter the words/phrases to be excluded from the search.
Click Continue. Click Search Now while building the search query. It searches for the logs using the query built up in the process.
Select Visualization.
Chart or Timechart
Select a Aggregation function and a Field.
Click Add to add multiple aggregation functions and fields. The aggregators are listed under AGGREGATIONS.
Click Continue.
Choose fields in Group The Result.
Click Search Now to get your visualization.
Latest
Select the fields in Group The Latest Result By.
Click Search Now to get your visualization.
Selected Fields
Select the fields in Select The Fields To Watch.
Click Search Now to get your visualization.