In the final installment of the Log Insight query building series I would like to cover the use of fields. Fields in Log Insight are a way of providing structure to unstructured data. Fields represent a regular expression pattern match for a particular object within an event. I covered how to manage fields in this post and now […]
In parts 1 and 2 of the query building series, I covered message queries, or queries that return text results. In part 3, I would like to cover aggregation queries, or queries that return visual results.
In my first post about querying building in Log Insight, I talked about using the search bar. Now, I would like to highlight the use of constraints.
If you missed the Deep Dive into vSphere Log Management with vCenter Log Insight session at VMworld 2013 then you missed out on some great information about Log Insight! If you are using or considering using Log Insight then I would highly recommend you view the recording as it will help you on your journey […]
I have not talked about Log Insight querying in a long time primarily because it has not changed. One thing I touched about in my query building series was suffix searching, or put another way searching for a keyword that ends with a fixed keyword. In this post, I would like to show how you […]
I covered query building in Log Insight a long time ago. While the UI has changed significantly since I wrote those posts, the information contained within them remains true to the current version of Log Insight. In Log Insight 3.0, two new operators were added to certain places within the UI — in one instance […]
I have been hearing a few questions around the Log Insight system architecture and more specifically how it works. This week, I would like to walk through a few different parts of the architecture to clear up potential questions. Part 1 of this series will talk about the pipelines Log Insight uses.