Indexes¶
By extracting key features such as log fields and metric tags, indexes can associate feature values with raw data, enabling efficient retrieval and avoiding inefficient full scans.
After creating and managing multiple indexes, the system will automatically archive log data into the corresponding indexes based on predefined filter conditions. At the same time, you can customize data storage policies for each index, effectively controlling and reducing storage costs, balancing data management flexibility and economic benefits.
Create¶
Guance supports creating or binding three types of indexes:
Note
By default, log indexes cannot be created. Please contact your account manager to request activation of this feature.
Manage Indexes¶
You can manage the index list through the following operations.
-
Disable Index: Subsequent logs will not enter this index and will continue to match and flow into other indexes for storage. If no other index matches, they will be saved in the default
defaultindex; -
Enable Index: Subsequent logs will re-enter this index for storage.
Edit an existing log index.
Note
Changing the storage policy will delete the data in the index. Please proceed with caution.
Click to view all operation logs for this index.
Click the icon to delete the created index.
Note
- After deletion, the log data in this index will also be deleted. If no other matching index exists, subsequent reported log data will be saved in the default index
default; - If the deleted index has been authorized for querying by other workspaces, those workspaces will no longer be able to query this index after deletion;
- After deleting a log index, you can create an index with the same name as needed.
Click the icon to drag and drop the created log index up or down.
Note
Logs will flow into the first matching index. Changing the order of indexes may alter the flow of logs.