The contents The following table describes the user interface of the Search Results Area depends on the type of search that you run:
...
For a simple search, each result event meeting the search criteria is displayed.
...
Search Results Area:
Element | Description |
---|---|
Search Results Summary Panel | A panel that summarizes the results of the search, and provides navigation to the result event pages. |
Events Toolbar | Includes icons for expanding/collapsing events and controlling the view format |
Events Area | A list of the events that match the search query. |
Search Results Summary Panel
The Search Results Summary Panel includes the following details:
Element | Description |
---|---|
Search Summary | In the case of a simple search, displays the number of matching log events, the number of source logs of these events, and the period of time searched. In the case of a complex search, displays the number of results in the table, the number of events that the results are based on, the number of source logs of these events, and the period of time searched. |
Paging in case of multiple events in the result |
Events Toolbar
The Events Toolbar includes the following elements:
Element | Description |
---|---|
Expand all Events / Collapse all Events icons. Clicking the icon expands all events to display all their column names and respective values. | |
Display mode - Raw data, Table formatted data, Parsed data. | |
use the menu (access via the 3 dots menu) to control the way you would like to display the events:
|
Events Area
The Events Area includes a list of events resulting from the search, where each event contains the following elements:
Element | Description |
---|---|
Event timestamp | The date and time that the event occurred, in the format MM/DD/YYYY HH:MM:SS |
The icon is always displayed next to each event’s timestamp allowing multiple options to copy or export specific event’s data - | |
Analytics layer | If Analytics is active, colors the fonts of the column values that Analytics detects as problematic, according to the following color-coding:
Under the timestamp, displays the severity of the most severe column value detected by Analytics in the event: high, medium, low, or none. |
Event source fields | Shows the source of the event – the log, server, and/or applications which generated the event. Mouse over on the log source indicator [Log] presents the full path of the source log that this message originates from. |
Expand Event icon. Appears at the end of an event that can be expanded to show all its column names and respective values. Clicking the icon expands the event to display all its column names and respective values. | |
Mouse Over Options | Mouse over on search results (and columns names) presents two optional action: Search Actions - Clicking this icon presents a list of possible search actions on the highlighted phrase: append to current search using AND, append to current search using OR, excluding from current search, replacing the current search. |
Next to each event, when mouse overing it, these options will be displayed on the right hand side. Zoom in to view the event in the dedicated log viewer (a new browser tab will be opened and the event will be highlighted) Open an event explorer to view the event’s contents in multiple formats Zoom in to Analytics screen. |