SYS-CON MEDIA

Blog Post

Introducing Logentries’ New Querybuilder

by Eoin Shanley

We recently announced the release of Logentries Query Language (LEQL), an even more powerful but incredibly easy way to query your log files. The new Querybuilder search tool automatically identifies the available Key Value Pairs in your log events and presents them as options to be included in your query. The Querybuilder also displays a list of available query functions that can be used to calculate values such as COUNT, SUM, AVERAGE, MIN & MAX.


The Querybuilder enables advanced analytics and easy extraction of valuable insights from your log data. You can quickly search for specific events and extract key metrics or trends about your systems' behavior.

So, What's New?

We have made the Querybuilder even easier to use by introducing a Simple mode and an Advanced mode, so you can choose to write your LEQL queries manually or use a handy toolbar to build your query - or you can switch between the two modes and use both!

Simple mode:

The simple mode provides easy access to the LEQL calculation commands. If you want to group your data, you simply start typing the name of the keyword you're searching for, and all the matching ones will appear automatically.

The resulting query will be displayed above the Querybuilder, so you can still see the full LEQL query that will be run.

Let's have a look.


Here is the Querybuilder in simple mode. In the first part of the textbox, you just type whatever you're searching for (want to use Regular Expressions? No problem! Read more here).

Let's search for the string "Server 1." As you type, you will see that the query is updated in real time.


Now we're going to group them by another key - we're going to use remoteIP for this. All we need to do is start typing the name of the key into the "Group By" box and the matching key names will automatically appear:


So far, so good. Now finally, we want to calculate the count - and that's as simple as selecting it from the Calculate menu.


Now, just press the Find button and you're done!


Want to use a different calculation? No problem - just select the calculation from the menu, and a box will appear where you enter the key you're calculating. In this example, we're going to get the MAX value of the status key values - for example, maybe you want to find the maximum response time of HTTP requests to your server.
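The simple-mode steps above (search, group by, calculate), reproduced as an added Python example over constructed log lines. This is not Logentries code; the `key=value` event format, the function names and the sample events are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample log events (not from the original post).
SAMPLE_LOGS = [
    "Server 1 remoteIP=10.0.0.5 status=200 responseTime=120",
    "Server 1 remoteIP=10.0.0.5 status=404 responseTime=35",
    "Server 2 remoteIP=10.0.0.9 status=200 responseTime=80",
    "Server 1 remoteIP=10.0.0.7 status=500 responseTime=950",
    "Server 1 remoteIP=10.0.0.5 status=200 responseTime=110",
    "Server 1 heartbeat ok",  # event with no key-value pairs
]
KVP_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def extract_kvps(line):
    """Return the key=value pairs found in one log event as a dict."""
    return {k: v.strip('"') for k, v in KVP_RE.findall(line)}

def available_keys(lines):
    """Keys seen across all events: the candidates a Group By box could offer."""
    return sorted({k for line in lines for k in extract_kvps(line)})

def _is_number(value):
    try:
        float(value)
        return True
    except (TypeError, ValueError):
        return False

def query(lines, search, group_by=None, calc="count", calc_key=None):
    """Filter on a substring, optionally group by a key, then calculate.
    calc is 'count' or 'max'; 'max' ignores events whose calc_key is
    missing or non-numeric instead of failing on them."""
    if calc not in ("count", "max"):
        raise ValueError("unsupported calculation: " + calc)
    groups = defaultdict(list)
    for line in lines:
        if search not in line:
            continue
        kv = extract_kvps(line)
        if group_by is not None and group_by not in kv:
            continue  # event lacks the grouping key, so it joins no group
        groups[kv[group_by] if group_by else "all"].append(kv)
    result = {}
    for name, events in groups.items():
        if calc == "count":
            result[name] = len(events)
        else:
            nums = [float(e[calc_key]) for e in events if _is_number(e.get(calc_key))]
            if nums:
                result[name] = max(nums)
    return result
```
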


Advanced mode

Prefer your keyboard to your mouse? The advanced mode will let you type in your LEQL queries just like before. If you switch from Simple to Advanced mode, then the query box will automatically display the query that was built using the simple mode.


You can immediately validate your query by checking the message above the query box. In the example below, I've spelled "where" incorrectly, and I get instant feedback that there is a problem with the query. I will not be able to switch back to Simple mode until I've corrected this.


Anything else new?

Since you asked... We have an updated date range selector for you too. You can choose from a wider range of pre-populated time periods:


And of course, you can still enter a custom date range. Make sure to check out the "Now" option to ensure you're searching your most recent logs.


As always, if you have any questions or feedback on the Querybuilder or Date Range Selector, let us know at [email protected]! Don't have a Logentries account yet? Get started in minutes for free.

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.
