PacketAI - Autonomous IT Monitoring
  • Overview
  • Dashboard
  • Topology
  • Components (hosts, services, applications)
  • Integrations
  • Integrations KPI filters
  • Component
  • Incident RCA
  • Incident feedback
  • Anomalies
  • Managed ELK
    • Kibana
      • Introduction
      • Types of Visualizations
        • Charts
        • Data
        • Others
      • Getting Started on Kibana
      • Index Pattern
        • Create an Index pattern
        • Explore & Configure Data Field
        • Default Pattern index
        • Delete Index Pattern
      • Metric Aggregation
      • Creating Visualizations
        • Bar Chart
        • Time Series Graph(TSVB)
        • Week-to-Week Comparison Graph(TSVB)
      • Dashboarding
        • Create Dashboard
        • Creating Correlated logs & metrics dashboards
      • Tip & Tricks for Snappy Dashboards
      • Reporting
        • Direct Download Report
        • Scheduled Report
        • Accessing Reports
      • Summing Up
    • Alerting
  • Log Management
    • Anatomy of the Log UI
    • Logs
    • Log Patterns
    • Log Health Dashboard
    • Log Pattern Alerting
    • Searching logs
    • Filtering logs
    • Create new users
  • Set Up
    • Installation
    • AWS Cloudwatch
    • AWS Metrics
    • Azure
    • Out-of-the-box integrations
    • Logging Best Practices
    • Using Vector agent
    • Using Logstash agent
    • Filebeat
    • Metricbeat
    • Winlogbeat
    • Fluent Bit
  • Opensource
    • Built on Opensource
Powered by GitBook
On this page
  • Standard Filters
  • Date range filter
  • Severity filter
  • Component filter
  • Cluster filter
  • Linux architecture filters
  • Hosts filter
  • Service filter
  • Application filter
  • Kubernetes workload filters
  • Quick filter search
  • Custom Filters

Was this helpful?

  1. Log Management

Filtering logs

PacketAI offers a wide range of powerful filtering controls for your logs.

PreviousSearching logsNextCreate new users

Last updated 2 years ago

Was this helpful?

Standard Filters

Date range filter

The date range filter (or date picker) lets you adjust the time window of observation: either using a a start and end times, or using a relative window.

Severity filter

This filter lets you check/uncheck a given severity to show/hide logs of the corresponding severity. Please note that severity is automatically extracted from your log lines.

Component filter

This filter provides auto-completion for quick filtering by component. Selected components will be automatically checked.

Cluster filter

This menu filter lets you filter by cluster names.

Linux architecture filters

The following filters are only available for Linux infrastructures:

  • Hosts filter

  • Service filter

  • Application filter

Hosts filter

This filter lets you select by host names.

Service filter

This filter lets you select by service names.

Application filter

This filter lets you select by application names.

Kubernetes workload filters

The following Workload filters are only available for Kubernetes infrastructures:

  • Deployment filter

  • Daemonset filter

  • Statefulset filter

  • Cronjob filter

Those filters are shown as a stack:

Each filter supports multiple selection and selected values are shown at the top of the menu.

You can also select multiple workload values at the same time:

Quick filter search

This mode lets user perform 1-clic key:value searches from existing logs.

Custom Filters

In addition to standard filters, PacketAI lets you build a custom filter from any available JSON property found in your logs.

  • After clicking on the top header of a column in the Logs tab, click the Build Filter item to add a new filter widget at the bottom of the Search and Filter area. The filter comes automatically populated with unique values found for that property, letting you quickly and effortlessly drill down in your logs.

Clicking on the calendar icon opens a new menu with quick links to relative time windows

Clicking on either the start date or end date opens a calendar to precisely position either date.

Tip: hold (or the COMMAND key) while clicking on a severity level will display only logs of the selected severity.

Tip: click +k for a shortcut access to this filter.

Note: when sending logs via one of the supported agents (filebeat, winlogbeat, vector or fluentd), this filter menu contains the values that were configured for the packetai.cluster_name variable of the agent configuration, like here (for the case of vector agent).

Note: for a Linux infrastructure, this filter menu contains the default value "Linux monitoring"

The date range filter
Quick filters are available from the main log view, by clicking the eye icon
Once the flyover is displayed, quick key:value filters can be activated simply by clicking the magnifier icon
After clicking on the magnifier icon, results are automatically filtered with the selected key:value
Example of adding a Custom Filter for property Container.id from the column header.
A new Container.id Custom Filter appears, populated with unique values.