This topic describes how to query the contextual log entries of a specified log entry in the Log Service console.
- Logs are collected by Logtail. For more information, see Logtail overview.
Note The context query feature is supported only for log data that is collected by Logtail.
- The index feature is enabled and configured. For more information, see Enable and configure the index feature for a Logstore.
For example, an online-to-offline (O2O) website records the following user behaviors and system operations for order transactions in application log files on multiple servers: logging on to the website, browsing products, selecting a product, adding the product to the shopping cart, placing an order, paying for the order, deducting the order amount, and generating the order.
If an order fails, O&M engineers must locate the cause at the earliest opportunity. If a traditional context query method is used, the O&M engineers must be authorized by an administrator to log on to each server where the O2O application is deployed. After authorization is complete, the O&M engineers must search the servers one after one for the related application log entries based on the order ID. Then, the O&M engineers locate the cause of the failure based on the application log entries.
- Install Logtail on the server. Create a machine group and log collection configurations in the Log Service console. Then, enable Logtail to upload incremental log entries to Log Service.
- On the search and analysis page in the Log Service console, specify a time range and find the log entry that records the failure based on the order ID.
- After you locate the log entry, page up until other related log entries (for example, a log entry that records a credit card payment failure) are found.
- You do not need to change the format of application log entries.
- You can query the context of a log entry from any log file that is collected from any server in the Log Service console, without the need to log on to the server.
- You can specify a time range to locate suspicious log entries before you perform context query in the Log Service console. This improves troubleshooting efficiency.
- You do not need to worry about data loss that is caused by insufficient server storage or log file rotation. You can view historical log data in the Log Service console at any time.
- Log on to the Log Service console.
- In the Projects section, click a project.
- On the tab, choose .
- Enter a query statement, select a time range, and then click Search & Analyze.
- On the Raw Logs tab, find the log entry whose context you want to query and choose .
- In the pane that appears, scroll up and down to view the contextual log entries.
- To highlight a keyword in red, enter the keyword in the text box.
- To page up, click Old.
- To page down, click New.
- To filter out fields, click Filter Field. In the dialog box that appears, select the fields in the right pane and click Delete. After the fields are filtered out, the fields are removed from the log entries that are displayed in the Context View pane.