The Coralogix Explore Screen is a powerful and user-friendly interface designed to provide a comprehensive view of your telemetry data. With its intuitive layout and well-organized presentation, users can effortlessly navigate through their data, gaining valuable insights and understanding the behavior of their system.
Central to the Explore Screen’s functionality are the filters and search queries that allow users to pinpoint specific data points quickly. By customizing the filters and search parameters, users can easily drill down into the relevant information, eliminating noise and streamlining their analysis process.
The Explore Screen serves as the hub for investigations, where users can delve deep into their raw data to extract meaningful conclusions. By slicing and dicing the information, users can break down complex datasets into manageable portions, making it easier to identify patterns, trends, and anomalies. This capability empowers users to make informed decisions based on concrete evidence and thorough analysis.
Perhaps the most valuable aspect of the Explore Screen is its ability to correlate logs and traces. By combining these two types of data, users can gain a comprehensive and holistic understanding of their system’s performance. This enables users to identify cause-and-effect relationships, track the flow of events, and recognize how various components of the system interact. With this invaluable insight, users can optimize system performance, troubleshoot issues more efficiently, and ultimately enhance their overall operations.
Overview
Use the Explore screen to:
Filter and query your telemetry data to pinpoint specific data points.
View, filter, and query archived data.
Create new alerts for your data directly from the Explore screen.
Filtering Your Data
Filter your data using the left-hand sidebar.
Specify any or all of the following values to be queried per filter:
Severity: Filters logs by color-coded severity levels.
The Filters section shows the count-per-filter value at the side of each filter option. This shows how many results will appear when each filter is applied.
It also provides a way to generate a count distribution graph for the filtered key using the graph icon which appears when you hover over a heading.
Add filters using keywords fields by clicking ADD FILTER at the top of the filter section or by clicking on a JSON field and selecting ADD TO FILTER LIST in the dropdown menu.
Time Selection
Select the time range for your query using the data range dropdown on the upper right-hand side of the browser window.
The default time period is the last 15 minutes. It can be modified and filtered using the following:
Tags: Allow you to search for an application tag and find all logs associated with it
Custom: Choose an absolute date/time range to filter.
Relative: Choose a time window between (current time – t1) and (current time – t2). Intervals are set in hours, minutes, and seconds.
Quick: Select a predefined query interval with one click. Intervals are set in minutes, hours, and days.
Dragging the mouse across a section of the logs flow graph zooms into the previous query time range and set a new time interval.
Querying Your Data
Logs vs Archive Queries
In the left-hand panel, you have the option to execute a logs query of your indexed logs (default) or an archive query, which allows you to query the data in your S3 archive directly from the Explore screen.
Logs Query
Query your logs using the “Search logs” entry field with the support of the logs screen dropdown menu that helps you build queries based on the log fields. When clicking on a JSON field value a drop-down menu will open:
In this example, clicking on the option INCLUDE IN QUERY adds the expression ‘_*exists_*: "resource.attributes.k8s.container.name"’ to the query. Choosing the EXCLUDE FROM QUERY option adds the expression ‘NOT_*exists_*: "resource.attributes.k8s.container.name"’ to the query.
You can also copy the complete JSON path to the clipboard, which can help in building query expressions.
Clearing a Query
Clicking on the x to the right of the query string deletes the query string but does not affect the rest of the query parameters (filters and time window).
Logs and Visualizations
Data Types and Formatting
Below is a view of the logs section that appears on the Explore Screen:
There are four tabs to the top left in this section:
Logs – Log query results.
Templates – Loggregation templates, which are logs that are automatically identified and clustered into the same type/origin.
DataMap (BETA) – View and compose maps that combine infrastructure metrics, business metrics, and log data.
On the top right panel, there are five options:
Reset – Clears all query parameters (including filters).
Create Alert – This button brings up the Create Alert prompt, for creating User-Defined Alerts.
Row Formatting – Change the format of how the logs are displayed.
1-Line – logs are condensed into one line.
2-Line – logs are condensed into two lines.
Condensed – the entire log is visible in wrapped format.
JSON – the default view where JSON objects are parsed.
List – presents log data in an easy-to-read list of key-value pairs.
Columns – ****see explanation of Columns button below.
Settings – change the settings of the Explore page.
Custom and Saved Views
Custom views helps organize specific, relevant log information, as well as views that help other users work and retrieve important data more efficiently. You can also save your custom views for use at a future time. For more information, see Explore Screen – Custom Views.
Expand Log Text
If the log is in a view that can be expanded, clicking the arrow ‘>’ icon or double-clicking on the log expands and shows the entire log message.
View Surrounding Logs
In some cases, you may want to view the logs that occurred before and after a particular log came in order to get additional context to better understand the log.
To view the logs surrounding a specific log:
STEP 1. From the Explore screen, hover over the log number and click the three dots … that appear.
STEP 2. Click View Surrounding Logs.
STEP 3. Select the time window for which to view the surrounding logs (5 seconds, 30 seconds, 1 minute, 5 minutes, or 10 minutes).
Managing Columns
Clicking on the COLUMNS button opens the Manage Columns window. There, fields can be arranged between two lists by dragging them. The APPLY button updates the columns on the logs screen. The Manage Columns window can also be accessed from the SETTINGS menu.
Managing Keys
Use our Manage Keys feature to personalize the JSON layout with fields, by clicking the column icon next to the Column header. This opens the Manage Keys box, allowing you to simplify the way you arrange your columns to view data. Select the keys you wish to view, pin and sort them, and save your view. Find out more here.
CONTENT Column
Improve visibility for your log’s most important data by using the CONTENT column, which displays selected keys from your logs. Find out more here.
Oh no!We didn’t find anything for “”,
