Log Explorer

Click on the Log Explorer module and select the option Log Explorer.

UTMStack displays the LOG ANALYZER window, which opens by default on the tab New query 1 with all log data sorted in descending order by the field @timestamp.

@timestamp represents the date and time when the log entered UTMStack.

Click the + tab to add a new query.

1. Here, you have these options:

  • Refresh the data by clicking the Refresh data button.
  • Save the query by clicking Save and then typing the Name and Description.
  • Export the data to a .csv file by clicking the Export to CSV button.

2. With the Queries button, you can manage your queries.

3. In the option Source, you can select the default index pattern you want to analyze. You can also add a new index pattern by clicking the option +Add source. For this example, keep the index pattern (log*).

4. The data is visualized on the tabs TABLE and CHART.

If you expand a filtered @timestamp entry, you can see another tab Table with all the data associated with that log.

UTMStack also enables a Filter and a small Table icon for each field.

  • The Filter icon allows filtering logs according to the corresponding field.
  • The small Table icon allows adding the field as a new table column. 

The tab JSON shows the JSON structure of that log. 

When you click the CHART tab, UTMStack visualizes the quantity of logs stored per field (@timestamp).

You can also visualize the quantity of a specific log stored for a specific time in a specific chart (bar or line).

You can also save the chart as an image, zoom, step back, and restore the chart using the corresponding options.

5. The option +Add filter allows you to add new filters to sources, specifying a field, operator, and value.

For example, you can filter all logs matching the destination IP (10.0.0.2). 

If you click on the filter, you can Edit, Delete and Invert the corresponding filter.
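
The filter from step 5 (field, operator, value, plus Invert), the default @timestamp ordering, and the per-time counts of the CHART tab can be reproduced offline on exported records. The following is an added example, not UTMStack code: the log records are constructed, and the field name dest_ip and the operator names (is, contains, exists) are assumptions chosen for illustration.

```python
import csv
import io
from collections import Counter
from datetime import datetime

# Constructed sample records; every field except @timestamp is an assumed name.
LOGS = [
    {"@timestamp": "2024-05-01T10:00:05Z", "src_ip": "10.0.0.7", "dest_ip": "10.0.0.2"},
    {"@timestamp": "2024-05-01T10:00:40Z", "src_ip": "10.0.0.9", "dest_ip": "10.0.0.3"},
    {"@timestamp": "2024-05-01T10:01:10Z", "src_ip": "10.0.0.7", "dest_ip": "10.0.0.2"},
    {"@timestamp": "2024-05-01T10:02:30Z", "src_ip": "10.0.0.8", "dest_ip": "10.0.0.2"},
    {"@timestamp": "2024-05-01T10:02:45Z", "src_ip": "10.0.0.8"},  # dest_ip missing
]

# Operator names are assumptions for this sketch, not UTMStack's own list.
OPERATORS = {
    "is": lambda got, want: got == want,
    "contains": lambda got, want: got is not None and want in got,
    "exists": lambda got, want: got is not None,
}

def apply_filter(logs, field, operator, value=None, invert=False):
    """Keep records where (field operator value) holds; invert flips the result."""
    test = OPERATORS[operator]
    return [r for r in logs if test(r.get(field), value) != invert]

def newest_first(logs):
    # Descending @timestamp order, as in the default query view.
    return sorted(logs, reverse=True, key=lambda r: datetime.fromisoformat(
        r["@timestamp"].replace("Z", "+00:00")))

def count_per_minute(logs):
    # Log quantity per time bucket, the data behind a bar or line chart.
    return dict(Counter(r["@timestamp"][:16] for r in logs))

def to_csv(logs, columns):
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=columns, extrasaction="ignore",
                            restval="", lineterminator="\n")
    writer.writeheader()
    writer.writerows(logs)
    return buf.getvalue()

if __name__ == "__main__":
    hits = newest_first(apply_filter(LOGS, "dest_ip", "is", "10.0.0.2"))
    print(to_csv(hits, ["@timestamp", "src_ip", "dest_ip"]))
    print(count_per_minute(hits))
```

In this model an inverted filter also returns records that lack the field entirely, so check for missing fields before treating an inverted result as "every other destination".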