The custom query feature in Application Real-Time Monitoring Service (ARMS) lets you extract valuable information from large volumes of log data, helping you detect errors, analyze patterns, and resolve issues efficiently.
Prerequisites
Application data is reported to Managed Service for OpenTelemetry. If you have not connected your application yet, see Integration guide.
Query syntax quick reference
Custom queries use a pipe-separated format:
Query statement|Analytic statementQuery statement (before the pipe): Filters log entries by field values.
Analytic statement (after the pipe): Aggregates or transforms the filtered results.
For the full syntax, see Query syntax and functions and Aggregate functions.
Run a custom query
Log on to the Managed Service for OpenTelemetry console.
In the left-side navigation pane, choose .
In the top navigation bar, select the region where your application is deployed.
In the search box, enter a query in the
Query statement|Analytic statementformat.In the upper-right corner, set the time range:
Option Description Relative time A sliding window relative to the current time, such as the last 15 minutes or 1 hour Time frame A fixed window, such as today or this week Custom time range A specific start and end time that you define (Optional) From the Index Attributes drop-down list, customize field queries and indexes based on your business requirements.
Set up alert rules from queries
Instead of running queries manually to check for errors, save a query as an alert rule to automate detection and notification.
After you run a query that returns the results you want to monitor, click the bell icon in the query interface.
Configure the alert conditions and notification channels.
When matching log entries are detected, the system automatically notifies your O&M team. For more information, see Create an alert rule.
For alert management specific to Managed Service for OpenTelemetry, see Alert management.