Accessing Log Analysis
Last updated on 30 August, 2024After you start a log analysis session, all the logs are ingested and analyzed in the session. Each log analysis session is saved for 24 hours after it starts. You can share the log analysis session with other users.
You can access the Log Analysis feature using the following:
- From the LM Logs page to view query results in Log Analysis
- From the LM Alerts detail pane
- From the Resource and Resource Group columns in LM Logs page to view logs associated with those resources/groups in Log Analysis
To start and access the Log Analysis from the Logs page, do the following:
- In LogicMonitor navigation menu, select Logs.
- On the Logs page, select Log Analysis.
Note: In each log analysis session a maximum of 100,000 log messages or 1 weeks worth of logs can be analyzed. If there are more than 100,000 log messages or time range is greater than 1 week, the Log Analysis button becomes unavailable.
To access log analysis from the Alerts page, do the following:
- In LogicMonitor navigation menu, select Alerts.
- On the Alerts page, select an alert, and from the alert details pane, select Log Analysis.
Note: This will generate a query that is 30 minutes before and after the alert timestamp for the given resource. In the event that this time range generates a data set that is larger then the maximum allowed number of log messages:
- The time range will be shrunk by a configured size until it falls below this threshold.
- The number of logs will be shrunk up to 5 times before displaying a “Too Large” error.
To access log analysis from the Resources and Resource groups columns on the Logs page, do the following:
- In LogicMonitor navigation menu, select Logs.
- On the Logs page, from the Resources column, select the More options menu, and select Log Analysis.
Related topics:
- Log Analysis
- Log Analysis Widgets
- Filtering Logs using Log Analysis