Search and analyze logs from various sources to debug issues and monitor your systems.
Supported Log Sources
- Loki
- Elasticsearch
- CloudWatch Logs
- Google Cloud Logging
- Azure Monitor Logs
Query Syntax
Loki (LogQL)
# Basic log line filter
{app="api"} |= "error"
# Parse and extract fields
{app="nginx"} | json | status >= 500
# Calculate rates
sum(rate({app="api"} |~ "error" [5m])) by (pod)
Elasticsearch (KQL)
# Basic search
kubernetes.container.name: "api" and message: "error"
# Time range
@timestamp >= now-15m and @timestamp <= now()
Examples
Error Patterns
# Find errors with stack traces
{app="backend"} |~ "(?i)error|exception|fail"
# Slow API responses
{app="api"} | json | duration > 1000
Best Practices
- Use specific labels/tags to filter logs
- Leverage parsing to extract structured data
- Use time ranges to limit result sets
- Create alerts for recurring error patterns
- Use log sampling for high-volume logs
Responses are generated using AI and may contain mistakes.