Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

    Platform Overview
  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

      Solutions Overview
    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

      About us
    Get to know us
    Connect
    Services

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

      View Resources
    Support

    Product Documentation

    Query Language Overview

    Last updated on 12 June, 2023

    The Logs query language expands the standard search capabilities beyond keyword searches and filtering by resource, group, pipeline, and time range. The additional flexibility includes combining filters with logical operators, filtering events based on fields and values parsed from your logs, and matching patterns with glob expressions and regular expressions.

    Use the features to for example narrow down information to quickly find relevant logs when troubleshooting. You can also summarize activity from log messages over a time range for reporting or alerting.

    Using the Query Bar

    Searching and filtering is done from the query bar which is located at the top of the Logs page. Enter your query and select the Run Query icon to start the search.

    Using Autocomplete

    When you type into the query bar, the autocomplete menu will open and provide a list of options based on what you’ve entered and the information that you have in your logs.

    If you select a field from the list or type in the field name, autocomplete will then suggest possible values for that field.

    After you enter a complete keyword or field=value pair, autocomplete will continue to provide suggestions to help you build the query. For example, you may see options for logical operators: AND, OR, and NOT. For more information, see Log Search Cheatsheet.

    Stopping Long-Running Queries

    Complex queries covering a long time range may take some time to complete. You can select the Stop Query icon at the end of the query bar to prevent a long-running query from completing.

    Changing the Time Range

    Select from a list of time ranges in the upper right corner, or manually define a time range to review. The default time range is set to 5 min. You can also change the time range by dragging and selecting within the graph. Then, to revert to your last time range, select the Exit graph zoom icon.

    Note: It may take some time before logs from resources in a newly created resource group are included in the log count totals. This is because the log metadata is established at log ingestion, and using resource groups that existed at that time.

    Searches do not execute automatically. When you’re done building your query, select the Search icon to run it.

    Viewing Search History

    You can view and manage your recent searches by selecting the Clock icon to the left on the query bar. The Recent searches menu shows the last 10 searches in your history. You can remove individual or clear all searches from this list. 

    Save a search by selecting the Star icon to the right of the query bar.

    In This Article