This topic describes how to query the contextual log entries of a specified log entry in the Log Service console.
Prerequisites
- Logs are collected by Logtail. For more information, see Logtail overview.
Note The context query feature is supported only for log data that is collected by Logtail.
- The index feature is enabled and configured. For more information, see Enable and configure the index feature for a Logstore.
Background information
Scenarios
For example, an online-to-offline (O2O) website records the following user behaviors and system operations for order transactions in application log files on multiple servers: logging on to the website, browsing products, selecting a product, adding the product to the shopping cart, placing an order, paying for the order, deducting the order amount, and generating the order.
If an order fails, O&M engineers must locate the cause at the earliest opportunity. If a traditional context query method is used, the O&M engineers must be authorized by an administrator to log on to each server where the O2O application is deployed. After authorization is complete, the O&M engineers must search the servers one after one for the related application log entries based on the order ID. Then, the O&M engineers locate the cause of the failure based on the application log entries.
- Install Logtail on the server. Create a machine group and log collection configurations in the Log Service console. Then, enable Logtail to upload incremental log entries to Log Service.
- On the search and analysis page in the Log Service console, specify a time range and find the log entry that records the failure based on the order ID.
- After you locate the log entry, page up until other related log entries (for example, a log entry that records a credit card payment failure) are found.

Benefits
- You do not need to change the format of application log entries.
- You can query the context of a log entry from any log file that is collected from any server in the Log Service console, without the need to log on to the server.
- You can specify a time range to locate suspicious log entries before you perform context query in the Log Service console. This improves troubleshooting efficiency.
- You do not need to worry about data loss that is caused by insufficient server storage or log file rotation. You can view historical log data in the Log Service console at any time.