More than four months after the launch of Loggly Dynamic Field Explorer™, I continue to get amazing feedback from Loggly customers about how this feature is supercharging the insight they receive even from simple searches and truly changing the way they think about and consume their logs.
Many describe the big “aha” moment that came when they saw how Field Explorer provides a “bird’s-eye view” of their log data: at a glance, giving a summary of what data is there, and, in many cases, exposing things they didn’t know were there.
It’s true that Field Explorer is a lot like the map view in Google Maps:
- You can quickly see a summary of all the events and values that exist in your current view
- You use this immediate insight to decide whether to read just your search context or zoom into a more granular view of the log events
Think about the street view in Google Maps. Looking at a house or office building helps you locate that building once you’re on the right street. It offers insight on where to park. It even gives you clues about what’s inside the building. But you wouldn’t think of starting a Google Maps search in street view because you need to make sure the building is actually in the neighborhood in your current view before you zoom in. I think the experience should be the same with logs. It doesn’t make much sense to dive into the details of individual log events until you have a good idea of what’s there and have “zoomed in” on the right subset of events.
Numerics Support Simplifies Log Analysis Again
With the latest Loggly release, Field Explorer automatically displays a catalog of all the numeric fields shown in your logs, so you’re now presented with a full mapping of all the fields (numeric or text-based) automatically detected in your logs. Not only do you get dynamic, real-time insight into which fields exist, but you also have quick access to important metrics.
Field Explorer Offers Several Ways to Visualize Numeric Data
Any time you select a numeric field in Field Explorer, you’ll automatically be provided with insight into the range of values for that field and have the option to see further visualizations on it. Additionally, you’ll be able to quickly filter your data to a subset of log events based on the numeric value.
- Value of: By clicking on this option, you see a scatter plot of a sampling of the values for that numeric field shown over time, giving you immediate visibility into value distributions and outliers
- Statistics: In addition to a timeline representation of the values, you can also do some quick aggregate calculations (sum, average, maximum, or minimum) over time
- Single value: If you select this option, Field Explorer displays a single calculation on your field over the entire search context (for example, the maximum value encountered over the last 30 days)
- Quick filtering option: You can now quickly filter your logs based a numeric range of values in a specific field, without typing in a single range search or regex!
Seeing Is Believing When It Comes to Field Explorer
Time and time again, people tell me that seeing Field Explorer in action is the best way to understand the tremendous value it brings. I did a pretty comprehensive demo at the recent webinar I hosted with Jonathan Keith of Loggly customer Monex, so be sure to view the replay if you missed the session.
More Innovation Is in the Works!
The team here at Loggly is working hard on a number of other improvements that will let Field Explorer do even more of the log analysis grunt work for you and help you focus on the events that matter. If you’re using Field Explorer, please reach out to firstname.lastname@example.org and give us any feedback on how we can help you find things more quickly! If you haven’t tried Loggly for yourself, the new numerics feature is yet another reason to set up your free trial.