Analyzing Simple Search Result Events

Running a Simple Search displays all events that match the search query. 

The following is displayed for each event:

  • The timestamp of the event, i.e. the date and time that the event occurred

  • The overall severity of the event, which is the severity of the highest problem found in the event (color-coded; high, medium, low, or none) (provided that Analytics is enabled)

  • The fields and field values of the event

  • The log, server, and applications of the event.

In each event, the text that you searched for is highlighted in yellow. In addition, provided that Analytics is enabled (the system default), the font of the searched text, is colored according to its severity. Also, all field values that  Analytics analyzes as being problematic, are color-coded in the event, according to their severity.

Severities are color-coded as follows:

  • Red – high severity problem

  • Orange – medium severity problem

  • Yellow – low severity problem

Hovering over any event displays a menu which enables you to open the Analytics of the event, or view the event in the log viewer.

You also have the option to expand/collapse all events, or alternately, to hide/show the Analytics of all events.