The Logs app is your starting point to finding relevant log records without writing queries. Easily filter on your relevant data, carry out proactive investigations, discover root causes from surrounding logs, expand your analysis to other entities, and share your findings.
Create your query by building out your filter statement using keys and values with your search terms, comparators, and logical operators:
AND
connected.Additionally, filter the logs by Segments .
For a wildcard search, use the * operator together with your search term. For example, when searching for all logs with the term transaction
in the Content field, filter for content = *transaction*
. See the full reference for the Filter field. For status
and loglevel
you can pick an option in the list of presets (see here how log severity is transformed). For other filters, add a comparison operator (equals, contains, not contains, does not equal, starts with, ends with) and a desired value.
For example, if you want to query log records from syslog with all statuses, then select all options for status, add a log.source
attribute, pick the contains
operator, and insert the syslog
value.
Use the date picker to apply the correct timeframe for your query.
Select Run query to execute the query.
After your query has returned records in the result table, you can search for keywords in this data. Use the Search in results field to filter the table to your keyword. This filtering won't execute a new query, but will only show the already returned and loaded results in your browser.
Use the log distribution chart to spot trends in your logging. The chart displays how your queried data has been distributed over the last 30 minutes based on the status. The log distribution chart is redrawn every time you make a new query without impacting your original query or consuming the query license.
You can choose a specific area in the chart for closer inspection. Note how your query timeframe changes based on the area you chose. Use buttons or keyboard shortcuts to investigate the chart.
See the surrounding logs for every log record to better understand the context for the data. First, find a relevant log line in the result table and open its details, then select Show surrounding logs. The surrounding logs are shown for the context provided by the log record:
trace_id
parameter is present, you will see other records with the same trace ID.Continue your analysis of logs discovered in the Logs app in other Dynatrace applications. Select Open with to continue analysis in, for example:
Select Edit DQL query from the menu, besides the Run query button.
Querying logs works based on the same licensing as other Log Management and Analytics features, where you only consume the license for queried log volume in bytes.
Note that generating the log distribution chart or searching among the previously returned results does not consume the license.
The license is consumed only when you click the Run query button or when you use Surrounding logs.
The users must have access to the Dynatrace Platform and logs stored in Grail (see the built-in access policies for log data). The application replaces the Logs and Events screen, so users who accessed logs previously can use the Logs app.