Search Results Area

The following table describes the user interface of the Search Results Area:

Element

Description

Search Results Summary Panel

A panel that summarizes the results of the search, and provides navigation to the result event pages.

Events Toolbar

Includes icons for expanding/collapsing events and controlling the view format.

Events Area

A list of the events that match the search query.

Search Results Summary Panel

The Search Results Summary Panel includes the following details:

Element

Description

Search Summary

In the case of a simple search, displays the number of matching log events, the number of source logs of these events, and the period of time searched.

In the case of a complex search, displays the number of results in the table, the number of events that the results are based on, the number of source logs of these events, and the period of time searched.  

 

Paging in case of multiple events in the result

Events Toolbar

The Events Toolbar includes the following elements:

Element

Description

Expand all Events / Collapse all Events icons.

Clicking the icon expands all events to display all their column names and respective values.

 

Display mode - Raw data, Table formatted data, Parsed data.

Use the menu (accessed via the three-dots icon) to control how the events are displayed:

  • Raw data - data as read from the source

  • Parsed - data parsed based on the XPLG pattern(s) applied to it

  • Table - table formatted view

Events Area

The Events Area includes a list of events resulting from the search, where each event contains the following elements:

Element

Description

Event timestamp

The date and time that the event occurred, in the format MM/DD/YYYY HH:MM:SS

 

An icon is always displayed next to each event’s timestamp, offering multiple options to copy or export that specific event’s data.

Analytics layer

If Analytics is active, colors the fonts of the column values that Analytics detects as problematic, according to the following color-coding:

  • Red – high severity problem

  • Orange – medium severity problem

  • Yellow – low severity problem

Under the timestamp, displays the severity of the most severe column value detected by Analytics in the event: high, medium, low, or none.

Event source fields

Shows the source of the event – the log, server, and/or applications which generated the event. Hovering over the log source indicator [Log] shows the full path of the source log from which the message originates.

 

Expand Event icon.

Appears at the end of an event that can be expanded to show all its column names and respective values. 

Clicking the icon expands the event to display all its column names and respective values.

Mouse Over Options

Hovering over search results (and column names) presents two optional actions:

Search Actions - Clicking this icon presents a list of possible search actions on the highlighted phrase: append to the current search using AND, append to the current search using OR, exclude from the current search, or replace the current search.
It is also possible to select a specific part of an event/string, and these options will be available for the selected part.

 

When hovering over an event, these options are displayed next to it on the right-hand side.

Zoom in to view the event in the dedicated log viewer (a new browser tab will be opened and the event will be highlighted).

Open an event explorer to view the event’s contents in multiple formats.

Zoom in to Analytics screen.