We recently announced the release of Logentries Query Language (LEQL), an even more powerful but incredibly easy way to query your log files. The new Querybuilder search tool automatically identifies the available Key Value Pairs in your log events and presents them as options to be included in your query. The Querybuilder also displays a list of available query functions that can be used to calculate values such as COUNT, SUM, AVERAGE, MIN & MAX.
The Querybuilder enables advanced analytics and easy extraction of valuable insights from your log data. You can quickly search for specific events and extract key metrics or trends about your systems’ behavior.
So, What’s New?
We have made the Querybuilder even easier to use by introducing a Simple mode and an Advanced mode, so you can choose to write your LEQL queries manually or use a handy toolbar to build your query. You can also switch between the two modes and use both!
The simple mode provides easy access to the LEQL calculation commands. If you want to group your data, you simply start typing the name of the keyword you’re searching for, and all the matching ones will appear automatically.
The resulting query will be displayed above the Querybuilder, so you can still see the full LEQL query that will be run.
Let’s have a look.
Here is the Querybuilder in Simple mode. In the first part of the textbox, you just type whatever you’re searching for (want to use Regular Expressions? No problem! Read more here).
Let’s search for the string “Server 1.” As you type, you will see that the query is updated in real time.
Now we’re going to group the matching events by a key – we’re going to use remoteIP for this. All we need to do is start typing the name of the key into the “Group By” box and the matching key names will automatically appear:
So far, so good. Now finally, we want to calculate the count – and that’s as simple as selecting it from the Calculate menu.
Now, just press the Find button and you’re done!
Want to use a different calculation? No problem – just select the calculation from the menu, and a box will appear where you enter the key you’re calculating. In this example, we’re going to get the MAX value of the status key values – for example, maybe you want to find the maximum response time of HTTP requests to your server.
Prefer your keyboard to your mouse? The advanced mode will let you type in your LEQL queries just like before. If you switch from Simple to Advanced mode, then the query box will automatically display the query that was built using the simple mode.
You can immediately validate your query by checking the message above the query box. In the example below, I’ve spelled “where” incorrectly, and I get instant feedback that there is a problem with the query. I will not be able to switch back to Simple mode until I’ve corrected this.
Anything else new?
Since you asked... we have an updated date range selector for you too. You can choose from a wider range of pre-populated time periods:
And of course, you can still enter a custom date range. Make sure to check out the “Now” option to ensure you’re searching your most recent logs.