Alibaba Cloud Elasticsearch allows you to search and view multiple types of logs, including the Elasticsearch instance log, search slow log, indexing slow log, and GC log. You can search for specific log entries by entering keywords and setting a time range.
You can query log entries generated in seven days in a row. By default, the log entries are displayed by time in descending order. The Lucene query syntax is supported. For more information, see Query string syntax.
Examples
This example searches the Elasticsearch instance log. Log entries are returned if
they meet all of these conditions: the content contains the health keyword, the level is info, and the host is 172.16.xx.xx.
- Log on to the Alibaba Cloud Elasticsearch console and open the instance management page.
- Choose .
- Enter the query string into the search box.
In this example, the query string is
host:10.8.xx.xx AND content:health AND level:info.NoticeANDin the query string must be uppercase. - Select a start date and end date, and then click Search.
Notice
- If you do not select an end date, the current system time is specified as the end date.
- If you do not select a start date, the start date is the time 1 hour earlier than the end time.
After you click Search, Elasticsearch returns the log entries that match your query string and displays them on the current page. The returned log data contains the following information: Time, Node IP, and Content.
- Time: the time when the log entry was generated.
- Node IP: the IP address of the node.
- Content: includes
level,host,time, andcontent.Field Description levelThe level of the log entry. Log levels include trace, debug, info, warn, and error. The GC log does not contain the levelfield.hostThe IP address of the node. Note To query the IP addresses of the nodes, log on to the Kibana console, open the Monitoring page, and click Nodes under Elasticsearch.timeThe time when the log entry was generated. contentThe content of the log entry.
