Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Search queries executed queries run by XpoSearch return the following:

  • A graphical presentation of matching events over timeDistribution over , with the ability to see the distribution of events over the multiple log sources
  • The matching log events from all relevant logs

Analyzing Graphical Distribution of Search Results

XpoLog returns a graph that shows the distribution of events over time. You can choose how to display the graph and what to show in the graph. You can also view the distribution of the results in a log, zoom in or out of any time slot, and view the previous or next timeslot.    

Defining Graph

XpoLog enables you to define what your graph looks like, as well as its contents, using the icons on the Graph Toolbar.

Defining Graph Display

You have the option of displaying your graph as a bar graph (the default) or a line graph. In the bar graph, a bar appears at each point in time where events were found to match your search query. The height of each bar represents the number of events that occurred at the specific time. A bar does not appear at times when no events matching your search query occurred. A line graph shows how the number of events matching the search query changes from one point in time to the next.

To display your graph as a bar graph:

  • In the Graph Toolbar, click Image Removed.

To display your graph as a line graph:

  • In the Graph Toolbar, click Image Removed.

Defining Graph Contents

You have the option of displaying your graph in a split view or a summary view.

Viewing Distribution of Results

Viewing Results in Log

Zooming In/Out of a Timeslot

You can zoom into any timeslot in your graph, so that you can see a more detailed breakdown of events over a smaller period of time. For example, a search executed for a time period of seven days shows the distribution of events that match the search criteria, per day. You can then zoom into any timeslot (day) to see the distribution of events during that day, and you can zoom in further to see the distribution of events in a specific hour on that day. ,  

Viewing Previous /Next Timeslot

Analyzing Search Result Events

Expanding/Collapsing All Events

Enabling/Disabling Analytics of All Events

Opening Analytics of an Event

Viewing an Event in the Log Viewer

Navigating to a Page of Events

...

  • A summary panel of the search results, with the ability to set the number of results per page and navigate to any page
  • For a simple search – the matching log events from all relevant logs
  • For a complex search – a table that summarizes the results of the complex search