Platform

Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

Platform Overview
Infrastructure Monitoring
Cloud Monitoring
Digital Experience
AIOPS

Solutions

Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

Solutions Overview
By Initiative
By Industry

Resources

Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

View Resources
Learn

About us

Get to know LogicMonitor and our team.

About us
Get to know us
Services

Documentation

Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

View Resources
Support
TRY IT FREE
ON DEMAND DEMO

Product Documentation

Query Language Overview

Last updated on 26 August, 2024

The Logs query language expands the standard search capabilities beyond keyword searches and filtering by resource, group, pipeline, and time range. The additional flexibility includes combining filters with logical operators, filtering events based on fields and values parsed from your logs, and matching patterns with glob expressions and regular expressions.

Use the features to for example narrow down information to quickly find relevant logs when troubleshooting. You can also summarize activity from log messages over a time range for reporting or alerting.

logs page

Using the Query Bar

Searching and filtering is done from the query bar which is located at the top of the Logs page. Enter your query and select the Run Query icon to start the search.

Using Autocomplete

When you type into the query bar, the autocomplete menu will open and provide a list of options based on what you’ve entered and the information that you have in your logs.

If you select a field from the list or type in the field name, autocomplete will then suggest possible values for that field.

query bar option on logs page

After you enter a complete keyword or field=value pair, autocomplete will continue to provide suggestions to help you build the query. For example, you may see options for logical operators: AND, OR, and NOT. For more information, see Log Search Cheatsheet.

Stopping Long-Running Queries

Complex queries covering a long time range may take some time to complete. You can select the Stop Query icon at the end of the query bar to prevent a long-running query from completing.

Changing the Time Range

Select from a list of time ranges in the upper right corner, or manually define a time range to review. The default time range is set to 5 min. You can also change the time range by dragging and selecting within the graph. Then, to revert to your last time range, select the Exit graph zoom icon.

Note: It may take some time before logs from resources in a newly created resource group are included in the log count totals. This is because the log metadata is established at log ingestion, and using resource groups that existed at that time.

Searches do not execute automatically. When you’re done building your query, select the Search icon to run it.

Viewing Search History

You can view and manage your recent searches by selecting the Clock icon to the left on the query bar. The Recent searches menu shows the last 10 searches in your history. You can remove individual or clear all searches from this list. 

Save a search by selecting the Star icon to the right of the query bar.

In This Article

Start Your Trial

Full access to the LogicMonitor platform.
Comprehensive monitoring and alerting for unlimited devices.