Indexes¶
By extracting key features such as log fields and metric tags, indexes can associate feature values with raw data to enable efficient retrieval and avoid inefficient full scans.
After creating and managing multiple indexes, the system will automatically archive log data into the corresponding indexes based on preset filtering conditions. At the same time, you can customize data storage policies for each index to effectively control and reduce storage costs, balancing data management flexibility and economic efficiency.
Create¶
Guance supports creating or binding three types of indexes:
Create Log Index
Create Native Direct-write Index
Bind External Index
Note
By default, log indexes cannot be created. Please contact your account manager to request activation of this feature.
Manage Indexes¶
You can manage the list of indexes through the following operations.
-
Disable Index: Subsequent logs will no longer enter this index but will continue to match and flow into other indexes for storage. If no other indexes match, they will be stored in the default
defaultindex; -
Enable Index: Subsequent logs will re-enter this index for storage.
Edit an already created log index.
Note
Changing the storage policy will delete the data in the index. Please proceed with caution.
Click to view all operation logs for this index.
Click the icon to delete an already created index.
Note
- After deletion, the log data in this index will also be deleted. If there are no other matching indexes, subsequent uploaded log data will be stored in the default
defaultindex; - If the deleted index has already been authorized for querying by other workspaces, those workspaces will no longer be able to query this index after deletion;
- After deleting a log index, you can create an index with the same name as needed.
Click the icon to drag and move up or down already created log indexes.
Note
Logs will flow into the first matching index. Changing the order of indexes may cause changes in log flow.