Log Explorer¶

After log data is collected into the system, you can view all log data reported in the current workspace in LOG > Explorer.

View Modes¶

To meet the needs of viewing and analysis in different scenarios, the explorer supports multiple display modes:

List

Stacked List

Chart

List¶

Each field of the log occupies a column, completely displaying all field content, allowing you to intuitively view the detailed information of each log.

Stacked List¶

Except for the time field (time), all other fields will be merged into the same column and displayed in multiple lines within the cell:

In stack mode, you can perform icon operations for specific fields:

Chart¶

Based on count, last, first, count_distinct operation modes, filter data under by conditions:

• Top List

• Time Series

• Pie Chart

• Treemap

• Grouped Table Chart

Data Display¶

All Logs¶

Display the collected original log data.

Line Break¶

In stacked list mode, if a single log contains many data information elements, click the "Line Break" button to make the message part of the log display independently.

Pattern Analysis¶

The log explorer provides efficient clustering functionality, which can analyze the similarity of logs based on the message field and automatically display the most recent 50 logs. You can also customize the clustering fields. After selecting the time range in the time widget, the system will analyze 10,000 logs within that time period and aggregate similar entries.

In the pattern analysis list, you can manage the data through the following operations:

• Click & to sort the number of documents (default is descending order);

• Click , choose to display 1 row, 3 rows, 10 rows, or all content;

• Click , export all clustered log data.