View and search logs to monitor performance and troubleshoot issues.
This page describes Cloud Observability’s logs tab. You can also explore logs with Cloud Observability’s Unified Query Builder and Unified Query Language.
Access to Cloud Observability Logging is available on request. Reach out to your Account Manager to get started.
Access the logs tab
To access the logs tab, go to Cloud Observability and click Logs in the sidebar.
You can also access the logs tab from many charts in alerts, dashboards, and notebooks. To open the tab and view logs from your chart’s time range, click data in the chart and select Search logs.
Select time ranges
Use the time picker
By default, Cloud Observability shows data from the past 60 minutes. To change the time range, click the time-picker drop-down and:
- Set relative time ranges in minutes, hours, days, or weeks.
-
Enter custom time ranges.
The time picker saves custom time ranges and shows them under Recently used.
You can also click the < > controls next to the drop-down to move back and forward in time.
The image below shows how to select time ranges in the chart. To see the number of logs in a bar, hover over that bar.
View live logs
Live tail auto-refreshes the logs tab with incoming logs. Use it to view and troubleshoot logs in near real time.
To use Live tail, click Play next to the time picker. To stop live tailing logs, click Pause.
You can also live tail specific logs. Filter your logs in the Search logs… box or sidebar and click Play.
Search logs
Search body fields
Cloud Observability tokenizes the body field for fast filtering.
Use the Search logs… box to explore and filter logs.
For example, if you search eclipse on the three logs below, Cloud Observability returns the first two logs.
The results cover only the selected time range, and you must search for the whole word.
For this example, searching ecl returns nothing.
The Search logs… box doesn’t cover other fields besides body (for example, user).
See the next section for how to explore those fields.
"body": "HEAD /eclipse/moon HTTP/2.0","size": 7749"body": "PUT /user/eclipse HTTP/2.0","size": 36208"body": "PUT /spacecat HTTP/2.0","user": eclipse
To clear a search, click x in the Search logs… box.
Filter other fields
Use the sidebar to explore and filter fields other than body.
To filter logs, select the checkbox next to a field value. Cloud Observability displays the field key-value below the Search logs… box and returns the relevant logs. You can select more than one checkbox. To clear a filter, click the x below the Search logs… box.
You can also use the sidebar to do the following:
- Search field names - Filter the field names in the sidebar.
-
Search field values - Filter field values for the relevant field name.
The sidebar displays up to 100 field values per field name.
- Sort - Click Sort to organize field values by frequency or name.
- Pin - Click the pin icon to move the field to the top of the sidebar and keep it there.
Get log and trace details
Cloud Observability has several features to help you further explore logs:
| Feature | What it is | How to use it |
|---|---|---|
| Log viewer | Log viewer shows a log’s fields in JSON and tabular format. Use it to get more details about a log. | Click any log to open the Log viewer. |
| Open linked trace | Open linked trace shows how a log fits into Cloud Observability’s Trace view. Use Open linked trace to explore and resolve issues by connecting logs to traces. Open linked trace only works for logs configured with a span ID. |
Click any log to open the Log viewer. Then click Open linked trace to open Cloud Observability’s Trace view in a new tab. |
| See in context | See in context shows logs with timestamps up to five minutes before the selected log. Use it to explore and troubleshoot issues. | Click any log to open the Log viewer. Then click See in context to see related logs in a new tab. |
See also
Updated Sep 13, 2023