Log Explorer

Click on the Log Explorer module and select the option Log Explorer.


UTMStack displays the LOG ANALYZER window, which visualizes by default the tab New query 1 with all logs data ordered descendent per the field @timestamp. 

@timestamp represents the date and time where the log was entered to UTMStack. 

In tab +, you can add a new query. 


 1. Here, you have these options: 


  • Data refresh by clicking on the button Refresh data. 
  • Saving the query by typing the Name and Description after clicking Save. 
  • Data Export in a file .csv by clicking on the button Export to CSV 

  2. In the button Queries, you can manage your queries.


  3. In the option Source, you can select the default index pattern you want to analyze. Also, you can add a new index pattern by clicking on the option +Add source. However, let's keep the index pattern (log*) as an example.


4. Those data will be visualized on the tabs TABLE and CHART

If you drop down each filtered @timestamp, you can see another tab Table with all data associated with the log. 

UTMStack also enables a Filter and a small Table icon for each field.

  • The Filter icon allows filtering logs according to the corresponding field.
  • The small Table icon allows adding the field as a new table column. 


The tab JSON shows the JSON structure of that log. 


 By clicking on the CHART tab, UTMStack visualizes the logs quantity stored per field (@timestamp). 


However, you can visualize the quantity of a specific log stored per a specific time in a specific chart (bar or line).


 Also, you can save the chart as an image, zoom, step back and restore the chart in the corresponding options. 


5. The option +Add filter allows you to add new filters to sources, specifying a field, operator, and value.

For example, you can filter all logs matching the destination IP ( 


If you click on the filter, you can Edit, Delete and Invert the corresponding filter.