View and Search
XpoLog allows for two separate types of searches, from the log viewer and from XpoLog Search. From the log viewer, you can investigate single logs, filter out specific strings and dig in deep. You even have the option of opening many log viewer tabs, to compare intimate details of different logs. Each log can be tailed for near real time view. From XpoLog Search you can search and view multiple logs and file sources.
- Search Data
XpoLog gives you a Google-like search for logs, single point of search and using simple queries and complex queries to quickly view all matching log events. Search through real time indexed log data, filter, understand, and act using XpoLog’s advanced and highly unique search platform.
XpoLog indexes all your system data IT infrastructure from any source in real time. It arranges and normalizes the data into a single database of a structured format. You can search through all your logs, applications, folders, servers, network devices, database tables, or anything else, in XpoLog Center. In one lone click, you can get all the results instantaneously. The XpoLog Search Engine enables users to search all logs from all sources in any timeframe. You can search for data on a single log base level in the Log Viewer, or you can search for data on a multiple log level in XpoLog Search. When searching through your data in the Log Viewer, you can open as many tabs as you like and compare multiple logs by navigating through these tabs. To view all your logs in one screen, XpoLog Search gives you a seemingly endless number of options, as your data is automatically depicted in the graph of your choice (line, pie, stack, etc.) and also in a table. Not to mention the Analytic Insights that XpoLog has already found for you to help you further investigate your logs. For more on Analytic Insights, see Analytics and Visualization Features.
- Log Viewer
In the Log Viewer, you can view and investigate multiple logs from multiple remote data sources in different tabs, for an enhanced view of several logs. You also have the option of viewing your data in real time.
In the Log Viewer console, you can view single logs. In essence, the Log Viewer is a dedicated view per log source in your browser where you can then easily navigate your way through the log using the toolbar buttons, from beginning to end of the log or vice versa. This is useful for digging down good and deep into particular logs you want to investigate on an intimate level. Simultaneously, you can open any number of tabs to view as many more logs as you wish and easily compare them. These logs can even come from different remote data sources; hence you get an enhanced view of many logs. In the log viewer you can opt to see your data in near real time by using the Tail button (see Live Log Tail).
- Live Log Tail
Live Log Tail offers you a real time view of your logs, applying live tail with search is like using uber-tail on many log files. The tail in the log viewer retrieves your data as it comes in and refreshes automatically.
Live log tail offers you a real time view of your logs as XpoLog’s search engine searches them for anomalies. The tail in the log viewer retrieves the data as it comes in and refreshes automatically according to the time selected from the collection policy. This way, you are automatically seeing your data in near real time. When automatically updating our files, you can even ask XpoLog to only update the latest data, rather than the entire file each time. In XpoLog Search this live tail function is even closer to real time, as it collects the data even faster. Here you can view the results both in the graph and table.
- Filter Log Data
XpoLog lets you filter log data to search for specific data in your log source or alternatively filter out noise from the view in order to focus on a specific data set. You can even request one specific string from ALL logs in an entire environment – and XpoLog will find it in a moment.
Filtering the log data in order to find specific data format, ID, problem or other pieces of information is crucial in any data mining process. The XpoLog filter allows for visual, form type, query definition of filtering rules that either search for your data in log source or alternatively filter out noise from the view to let you focus on a specific data set. You can filter according to any result, time, severity, message, etc. You can even filter for one specific string from ALL your logs in whole environment, and find it. This is an extremely useful tool for investigating problems in your system, as you can very quickly eliminate what you don’t need. You can also use the Search and Quick Filter features to perform fast searches and quick filters on the log, using specific terms, regular expressions, time range, and more. For more complex searches, you can use a regular filter.
- Multiple Sources
In the Log Viewer, you can view and investigate multiple logs from multiple remote data sources in different tabs.
In the Log Viewer, you can open, view, filter, and investigate multiple logs from multiple remote data sources in different tabs, for an enhanced view of many logs.
XpoLog has multiple tags you can use to navigate between several logs, although the investigation is still per log. This is a fast and easy way compare between logs.
The Log Viewer is a dedicated view per log source in your browser, so this is where you dig deep into specific logs. You compare the different logs by navigating through the tabs you opened. To view multiple log sources in a single screen, use the XpoLog Search. Here the search results are represented in tables and graphs. For more on XpoLog Search, see the Complex Search features.
- Log Correlation
XpoLog allows you to correlate between different logs, and view the results distributed over time.
In a Complex Search, you can request a transaction to correlate between different logs, and view the results distributed over time. You can see the results in graphs and tables. You can also take the results further and create customized gadgets to view them in a report/dashboard. These correlations can for example show us when certain transactions started and when they ended. Also, such correlations can be real eye-openers in cases where different logs from different sources experience similar anomalies.