# Searching logs

To start with, let us remind that using PacketAI, your logs are stored as JSON documents. Those documents have various fields, the most important one being the `message` field. This field is automatically parsed from incoming log lines, wether they have a native JSON format or not. 

This being said, the PacketAI search engine supports various types of search queries:

* Plain text search
* Key:value search
* Regexp search
* Boolean search

### Plain text search

This is the simplest search available, that let users search the `message` field of each log line/message. If you want to search other JSON fields, you should check the `key:value` search.

<figure><img src="https://1004160589-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MUh1bMx9Zb5YpSL8Jqw%2Fuploads%2FOnKxZKz5mcGJ33lJnJ9I%2FLogUI-search.png?alt=media&#x26;token=9cb507ff-60f2-4307-8f1b-d937c297333d" alt=""><figcaption><p>Plain text search for "latency" will search the <code>message</code> field of log lines</p></figcaption></figure>

### Key:value search

This mode lets you perform field-level searches (remember each log line is stored as a JSON document).

<figure><img src="https://1004160589-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MUh1bMx9Zb5YpSL8Jqw%2Fuploads%2FMy1BkuG20ck96CZmp7oq%2FLogUI-search2.png?alt=media&#x26;token=de41fb59-ed49-43f3-8360-7f9d9a9927c2" alt=""><figcaption><p>Key:value search for key <code>fields.agentID</code></p></figcaption></figure>

<figure><img src="https://1004160589-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MUh1bMx9Zb5YpSL8Jqw%2Fuploads%2FVSqx4aGQAoJNTRvb2VT2%2FLogUI-search3.png?alt=media&#x26;token=8462f2b3-467d-4c87-904e-8dfa691b9259" alt=""><figcaption><p>Key:value search for key <code>@version</code></p></figcaption></figure>

### Regexp search

This mode is for fine-grained string search and requires a knowledge of how a regexp works.

First, switch from *Simple Query* to *Regexp Query* using the switch menu at the right-hand side of the search bar. Then proceed to search using your regexp.&#x20;

* Please refer to the official documentation about [Regexp expression syntax](https://www.elastic.co/guide/en/elasticsearch/reference/current/regexp-syntax.html).

<figure><img src="https://1004160589-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MUh1bMx9Zb5YpSL8Jqw%2Fuploads%2FreSIANwaZPzv7bHLUaIA%2FCLHF1.png?alt=media&#x26;token=730cd068-63dc-498c-bca3-77d10910eb8c" alt=""><figcaption><p>Regexp search example </p></figcaption></figure>

### Boolean search

This search mode lets you combine any of the above searches using the AND and OR operators.

<figure><img src="https://1004160589-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-MUh1bMx9Zb5YpSL8Jqw%2Fuploads%2F7fYAqsSWyL4Ad0VI1pfF%2FLogUI-search4.png?alt=media&#x26;token=51f20fa2-fc7d-4c6d-9a4a-8ba758adfe05" alt=""><figcaption><p>Boolean search example combining two key:value search with an AND operator</p></figcaption></figure>