Log Search & Filter
Overview
There are 2 types of searching in Lumigo-
- Free text search
To search for all logs containing a single term (e.g.error) simply insert the word in the search bar.
To search for a group of words, surround your search term with double quotes (e.g."fatal error") - Attribute Search
Searching for a specific attribute is done either by typing the attribute name, or selecting it from the autocomplete suggestions.
To search specific attributes, prefix the attribute to your terms, such assource: "agent unicorn"
See Matching Operators below for more details.
Wildcards
Text Search Operators
| Condition | Syntax | Examples |
|---|---|---|
| contains | key:*value | message:*error - logs with messages that end with the string errormessage:error*- logs with messages that start with the string errormessage:*error*- logs with messages that contain the string error |
| equals | key:value | resource:wildrydes-dev-invokeLambdas - logs originate from resources whose names precisely equal "wildrydes-dev-invokeLambdas." |
| negation | -key:value | -resource:wildrydes-dev-invokeLambdas - logs originate from resources whose names don't equal "wildrydes-dev-invokeLambdas." |
| Key exists | key:* | issue:* - logs that contain the keyissue |
| Key doesn't exist | -key:* | -issue:* - logs that don't contain the key issue |
Numeric Search Operators
| Condition | Syntax | Examples |
|---|---|---|
| Greater than | key:>value | price:>400 - logs with price value bigger than 400 |
| Smaller than | key:<value | price:\<400 - logs with price value smaller than 400 |
Multi-condition queries
To combine multiple queries, Lumigo supports AND,OR and NOT matching operators.
To avoid creating ambiguous queries, use parentheses.
For example:
( level:error OR level:warning ) AND resource:lambda-function
Date Filtering
Date filtering is exclusively performed via the date picker, with options for custom time frames including the last 15 minutes and a "MAX" option to search all logs within the retention period.
The default time frame for searches is set to the last 15 minutes.
Updated 5 months ago