Searching logs

Discover a powerful search engine to explore your logs.

To start with, let us remind that using PacketAI, your logs are stored as JSON documents. Those documents have various fields, the most important one being the message field. This field is automatically parsed from incoming log lines, wether they have a native JSON format or not.

This being said, the PacketAI search engine supports various types of search queries:

• Plain text search

• Key:value search

• Regexp search

• Boolean search

Plain text search

This is the simplest search available, that let users search the message field of each log line/message. If you want to search other JSON fields, you should check the key:value search.

Plain text search for "latency" will search the message field of log lines

Key:value search

This mode lets you perform field-level searches (remember each log line is stored as a JSON document).

Key:value search for key fields.agentID

Key:value search for key @version

Regexp search

This mode is for fine-grained string search and requires a knowledge of how a regexp works.

First, switch from Simple Query to Regexp Query using the switch menu at the right-hand side of the search bar. Then proceed to search using your regexp.

• Please refer to the official documentation about Regexp expression syntax.

Regexp search example

Boolean search

This search mode lets you combine any of the above searches using the AND and OR operators.

Boolean search example combining two key:value search with an AND operator