Using the Logs toolbar

Refresh data

Click Refresh data to update the Logs page with the latest logs.

Display options

Click Display options to open the Display options panel and select which columns to display in the Logs page. Check the checkbox(es) of the column(s) to display, and click Apply. The following are the list of display options:

Click Display options to select which columns to show in the Logs page. Check the checkboxes for the columns you want to display, then click Apply. The available display options are:

• Show all columns

• Timestamp

• Severity

• Origin

• Execution ID

• Message

Filter

Click Filter to open the filter panel and display events based on specific criteria in the Logs page.

Search

Filters the logs by the message text.

In this section you can filter the logs by the Message text, Stream version, or by Execution ID if you have switched on Advanced mode, see more information below:

Open Filter logs default view

Open Filter logs Advanced mode

The search section uses OpenSearch regular expressions and operators to match results in the logs. For more information on regular expressions and syntax, see https://docs.opensearch.org/docs/latest/query-dsl/regex-syntax/.

Examples of how the search bar matches results:

• Searching with the single-word expression fish filters the log to display any results that contain the word “fish”, including “Fish & Chips” and “I love fish chips.”

• Searching with the boolean OR expression fish OR chips filters the log to display any results that contain the word "fish" or "chips" in any order, including "fish", "Chips", "I love fish chips", "Fish & Chips", and "I love bamboo & Fish." The expression is not case-sensitive.

• Searching with the boolean AND expression fish AND chipsfilters the log to display any results that contains both "fish" and "chips" in any order, including "I love fish chips", "Fish & Chips", and "I love chips and Fish I love almost as much." The expression is not case-sensitive.

• Searching with the quoted string expression "collectors have finished" filters the log to display results that only match the entire quoted phrase, such as "All collectors have finished.”

• Searching with the regular expression .*[fd]ish.*[0-9]+filters the log to display any results that only contain the words "fish" or "dish" in lower case, in that order, and ends with a numeric value, such as "I love fish dish number 4.” When using regular expressions, filtering is case sensitive.

When Advanced is toggled on, you can also filter by Execution ID.

Date

You can filter the logs from a dropdown of pre-defined time and day.

Open

Selecting the date period

When Custom is selected, you can filter logs by specifying the From and To date and time in the YYYY-MM-DD HH:mm:ss format.

Open

Custom date selection

Severity

You can filter logs by Severity type:

• Information

• Warning

• Error

Select the checkbox for the Severity type you want to display in the Logs page.

Open

Severity checkbox options

Origin

You can filter logs by the origin of the event, which indicates which function generated the event. Select the checkbox for the function type:

• Collectors

• Processors

• Forwarders

Open

Origin default view

When Advanced is toggled on, you can also select specific functions in the stream to display in the Logs page.

Open

Origin Advanced mode