Select & Filter Fields

Select single fields to search and filter on those fields.

Click on a field in the Fields panel — #severity in the example: a resizable flyout opens with the list of values found and the number of occurrences for each.
Figure 51. Select
Click the ⋮ icon next to a field name to get several filtering options.
Figure 52. Filtering Options
Select one of the options: for example, Aggregate → Group by value will group events by the value of that field, Timechart → Use field as series will run the timeChart() function in the Query editor to show events that have that field grouped into series and plotted in a timechart.

More filter options and interactions with fields are available, such as exclude () or include (⊜) in the search all events that have the selected field.

When the menu is opened for Field Interactions with live queries, the Fields panel flyout will display a fixed list of top values. The top values are kept from the point in time when the menu was opened. See Field Interactions for more information.

Data Analysis Overview

LogScale User Interface

Repositories & Views

Parsing Data

Searching Data

Writing Queries

Dashboards & Widgets

Automation

Query Language Syntax

Query Functions

Template Language

Keyboard Shortcuts

Select & Filter Fields

Enter search term