Last updated at Tue, 25 Apr 2023 20:23:17 GMT

Hi, I'm Laura, UX Designer at Logentries and today I'm going to discuss how just about anyone can use Logentries to search and analyze their log data no matter what their job title or technical skill level.

What is Logentries?

At Logentries, the team works tirelessly to provide an easy to use log management service that allows users to stream their logs from just about anything. Logentries can accept data from almost any device that generates log data, including servers, applications, firewalls and routers. Really, any data, from any device and in any kind of format. These log events are automatically collected and sent to one secure location where users can quickly search and visualize their data to find out all they need to know.

Typically, Logentries is used by DevOps and Developers while they are busy debugging, monitoring and troubleshooting. More recently, as Logentries has become part of Rapid7 information security and analytics solutions, the power of log search has grown to include a new variety of users within information security teams and IT. These professionals use Logentries search to help solve security problems, investigate incidents and help maintain compliance.

So IT guys get to have all the fun?

Not quite. We have a growing number of users from non-technical backgrounds who are hot on their heels. Businesses and marketing teams have recognized the potential of using Logentries to monitor behaviors, identify patterns and gather all types of interesting information to help focus their business goals or marketing campaigns.

The basics of performing a search

So you're not a DevOps master or some kind of IT guru? No problem. I'm going to take you through the basics of performing a search in Logentries using our very own search language LEQL (Logentries Query Language). Using this simple SQL-like language you can extract data hiding deep in your logs.

The basic structure

Now that you know the basic query format, we will take a look at putting it into practice. For example, let's take myself, a UX Designer who wants to design solutions for an improved user experience within Logentries. But where do I start? Where do I focus my energies? First I want to discover the most popular or core features in Logentries.

Easy. I can do this by using an application library such as node.js, .Net or Java libraries which allow you to log straight from the front end of your application. You can find this in the "Add a log" page and it is a quick and easy set up process. You can find a more detailed set up process and tips in the blog post "A different way to log your website usage".

Your developer will help you embed the necessary code into your site and create listeners on elements you would like to track like buttons, links, pages and features. Once set up it can track metrics such as usage trends, activity, behaviors and engagement times across your application.

Tracking most clicked features

Now that I have the information that is important to me logging to my Logentries account, I can write some LEQL to query this data. First, navigate to the Logentries Log view. This is where logs feed into, where we can select logs and where we can search. The query search bar has two modes. "Advanced" is the mode an experienced user would use to write full LEQL queries. "Simple" mode is for users who are newbies or just need a helping hand in building their query. We are going to use simple mode to get you started.

We are interested in learning how often a user visits a feature. We can find this out by tracking how often the button or link to this feature is clicked.

Default query bar in simple mode

First comes the "where" field followed by the "groupby" and "calculate" fields. Next is an icon to allow you to save your query and a time picker to allow you to select a particular time range to search. The mode can be toggled between simple and advanced via the switch mode link.

Step 1

We want to search for click events so we search the keyword "clicked." Keyword search will work on all log entries regardless of their format and are case sensitive by default. This will give you a result of all the log entries containing click events. You can see the keyword highlighted in yellow.


Step 2

That's great, but we want to do a more granular search. We need to break this up into exactly what features were clicked. Let's group by "features." Once this key is added to your query the calculate function automatically selects calculate(count). This returns a count of the matched search.


Your results are returned as a table with all of your search criteria listed and a visualization of your data. Now you can see all the features that have been clicked and how often they were clicked giving an indication into what features users spend most of their time using. This can help me prioritize where I should focus my efforts to work towards making these features better for our users.

Endless possibilities

This is just one example of how you can use Logentries search to gain insight into your application usage. You could potentially find out lots of other interesting data like what screen resolution your users use most or what the most popular browsers are. You could find out how often or at what point a user drops off or cancels from a workflow such as a sign up process or a create wizard. Or even how long a user hovers on a button or how long they spend on a particular page. The possibilities are endless.

To learn more about search check out our docs or start a 30 day free trial.

Thanks for reading!
Laura Ellis
UX Designer, Rapid7