Logentries’ search capabilities are both powerful and flexible. You can search by simple keywords or use regular expressions directly in the search bar for advanced pattern matching. Logical operators and calculation functions are also available for adding logic, grouping data and calculating values.
Searching by keyword is just like searching with Google. Simply type what you want to see and click the Find button. Keyword search is particularly useful when searching for a specific key or value within a key-value pair. In the example below, searching the keyword “clicked” returns events containing the word “clicked”.
Using logical operators, you can narrow your search to more specific results. AND, OR and NOT are available and should always be capitalised when used. In the example below, using the AND operator returns only results that include click events where id=log-list. For more information on using logical operators, review our dedicated logical operators documentation.
Logentries search supports regular expressions (RegEx) for advanced pattern matching. If you’re comfortable with RegEx, you can build powerful searches to find patterns in event data like IP addresses. For more information on RegEx, consider visiting regexr.com. In the example below, we use regular expressions to match a pattern of digits. For more information on how to use RegEx within Logentries, review our dedicated RegEx search documentation
Calculation functions enable users to group event types and calculate values for deeper analysis. Calculation functions include SUM, COUNT, COUNT UNIQUE, AVERAGE and GROUP BY. In the example below, we COUNT the number of click events where id=live_tail. For more information on function syntax, review our dedicated search documentation
You can save searches for later use and for generating charts & graphs by clicking the star next to the query field.
Not sure which searches are worth saving? Logentries community packs contain pre-defined technology specific searches that can be added to your account in seconds
Once you’re comfortable searching your logs, it’s time to set up tags and alerts