This tutorial will guide you on your first steps with Coralogix and help you start enjoying reduced time to detect and solve production problems.
Coralogix also supports many integrations which we divide into 6 main categories:
Coralogix provides support for all its integrations and an integration session with our engineers can be booked directly here.
Once you’ve started sending data, you can use one of our extension packages to easily set up predefined Coralogix alerts, parsing rules, and Kibana dashboards that are tailored for each particular integration.
Some available extension packages include Cloudflare, Cloudtrail, Fastly, Jenkins, and more!
Coralogix allows data parsing using Regex to perform the following operations:
Coralogix enables data enrichment on the fly to make logs smarter/more readable. There are 3 types of enrichments:
Both unstructured and JSON-structured log queries are supported:
1. Querying unstructured logs
login unauthorized – Returns logs containing your login was unauthorized OR wrong password.
text:”your exact match string” – Returns logs containing the phrase your exact match string.
2. JSON-structured logs
url:”some url” – Returns logs that match url:/some/url.php or url:/some/url.html
url.keyword:”/some/url.php” – Returns logs that exactly match url:/some/url.php
statusCode.numeric:[200 TO 399] – Returns logs where value of statusCode key is between 200 and 399
Coralogix Logs2Metrics enables you to generate metrics on-the-fly from your log data to optimize storage without sacrificing important data. Simply define a query and Coralogix will execute it every minute and store different data aggregations in a long-term index for a full year at no additional cost.
Metrics start to gather from the point in time in which they were defined. The available query time range for your Logs2Metrics indices is 30 days. Activating Logs2Metrics allows you to create up to 30 metrics with a 90 Days retention period.
Learn more about how to create metrics from your log data.
In order to make data investigations simpler and help you find that needle in the haystack, Coralogix created a proprietary real-time clustering algorithm that automatically identifies logs of the same type/origin and clusters them into a log template.
This enables turning hours of data and millions of records into a short list of data templates with easy visualization options. It also provides added value such as template normal behavior learning and the ability to zoom into specific templates.
Loggregation does not require any preconfiguration and works on all data types. To make Loggregation most accurate, have your main log message as a root key and not nested (typically “log”, “message”, “msg”, “text” etc). No need to do anything for unstructured logs. Learn more here.
Alerts in Coralogix can be defined directly from your query by clicking on the “Create Alert” button or from the “Alert” interface at the top bar of the Coralogix screen. Coralogix has 6 main and 12 secondary alert types:
Coralogix is all about making your life simple. View your Coralogix data and insights in any dashboard including:
Coralogix harnesses all its features, alerts, queries, anomalies, Loggregation templates, normal behavior learning, new & suspected error detection, and custom widgets to enable a next-generation experience for CICD acceleration. By using the Coralogix “Tags” feature, you can plug your CICD platform into Coralogix, and send your build logs, metrics, and most of all – Version Tags. Coralogix will then compare versions uploaded to the same service in 2 different points in time, and provide an automated benchmark of the key quality metrics for new version release, enabling you to add your own widgets for version over version comparison of any trend or SLA you would like to visualize. Learn more about Version Tags here.
The first place to see your logs after they have been parsed and enriched is the Coralogix Live Tail. Live tail is a low latency, pre-index/storage stream of logs, it sends logs directly from the Coralogix queue to your client and allows data filtering by app/sub, or any “grep” command or sequence. It also allows you to choose which specific log fields will be displayed and enables you to “prettify” JSON data or view it as raw text. Live tail is available in the Coralogix interface, or via CLI.
Coralogix “Streama” engine allows it to analyze all data on the fly without the usage of storage, the TCO optimizer enables users to define the use case per app/sub/severity and define policies for optimized data routing. We typically see 70% cost reduction by this feature, and our support team is available 24/7 to assist in defining the correct policies and also policy exceptions.
This guide is the very basic getting started guide to get you up to speed and help you extract the initial value from the product. For additional guidance, feel free to reach out via our in-app chat, and we’ll walk you through step by step.