LogQL

LogQL

Index Filtering

  • How logs are generally parsed: https://grafana.com/docs/loki/latest/query/log_queries/?pg=oss-loki&plcmt=quick-links#log-queries
    • The first part selects indexes
    • Then pipes
  • Comparison:
    • Standard:
      • =: exactly equal
      • !=: not equal
      • =~: regex matches
      • !~: regex does not match
    • Regex log stream examples:
      • {name =~ "mysql.+"}
      • {name !~ "mysql.+"}
      • {name !~ `mysql-\d+`}

        Content Filtering

  • Operators:
    • |=: Log line contains string
    • !=: Log line does not contain string
    • |~: Log line contains a match to the regular expression
    • !~: Log line does not contain a match to the regular expression

Exercises:

  1. Q: Find all logs from namespace “default”
    1. A: {namespace="default"} |=
  2. Q: Find logs from that namespace that contain “error” in the content
    1. A: {namespace="default"} |= "error"
  3. Q: And ones that contain error but not from rabbit?
    1. A: {namespace="default"} |= "error" != "rabbit"

results matching ""

    No results matching ""