Query and filter logs

• Latest Dynatrace
• How-to guide
• 1-min read
• Published Jul 02, 2025

Create your query by building out your filter statement using keys and values with your search terms, comparators, and logical operators:

Additionally, filter the logs by Segments. This simplifies the querying for a selected bucket. An example use case is provided at Segment logs by bucket.

For a wildcard search, use the * operator together with your search term. For example, when searching for all logs with the term transaction in the content field, filter for content = *transaction*. Note that filters are case-sensitive. See the full reference for the Filter field.

For status and loglevel you can pick an option in the list of presets (see here how log severity is transformed). For other filters, add a comparison operator (equals, contains, not contains, does not equal, starts with, ends with) and a desired value.

For example, if you want to query log records from syslog with all statuses, then select all options for status, add a log.source attribute, pick the contains operator, and insert the syslog value. If you use the equals sign (=) Logs provides autocomplete suggestions for values, with retrieval of these values being free of charge.

Use the date picker to apply the correct timeframe for your query.

Select Run query to execute the query.

After your query has returned records in the result table, you can search for keywords in this data. Use the Search in results field to filter the table to your keyword. This filtering won't execute a new query, but will only show the already returned and loaded results in your browser.