LogScale User Interface
LogScale is brought to you via a web-based user interface, and provides access to your repositories, server logs, and metrics, and is the central area for administration and control. You can set up and find repositories, configure views, filter data, and limit access based on your needs, all in one place.
Figure 1. LogScale User Interface
Repositories and Views
Repositories are containers for your data server logs and metrics, with their own sets of users, dashboards, saved queries, and parsers. Views allow you to search across multiple repositories, can restrict your results to a specific subset of data, or limit access based on your interests and security needs.
To access your repositories and views, click thetab on the top left of your screen:
Figure 2. Repositories and Views
See the Repositories & Views documentation for much more information on how to create and use repositories.
Once you have data coming into your repositories, you can search that data
through the LogScale
Search UI page.
LogScale's Search functionality
allows for robust, fast regex searches of server logs and metrics in your
Figure 3. Search
See the Searching Data page for instructions on how to search.
You can store often used searches in the
Dashboards are a significant component of
the LogScale user interface, a great way to get an overview of your
systems. Dashboards are composed of
Widgets that you create to view
server activities in the form of various graphs and tables of relevant
Figure 4. Dashboards
Alerts, Actions & Scheduled Searches
Alerts are stored, live queries that continuously run and are triggered when user-set parameters are met or exceeded and users want to be notified, or when action must be taken. No more relying on routine checks, or worrying about not immediately detecting a problem when it occurs.
Actions are modules that can perform functions like informing administrators of a potential server problem. Alerts can also be set to trigger Actions.
Scheduled Searches are static queries, set to run on a schedule. At a scheduled interval, the query will run. If there is a result, the scheduled search will trigger its associated actions.
They are all available from the
Figure 5. Alerts
Go to Alerts documentation page for information on how to create and manage these items.
When sending logs and metrics to LogScale for ingestion, they must be parsed before they are stored in a repository. This is the case for all but LogScale's structured ingest endpoint, which stores data as-is. Parsers take text as input, and put extracted values into named fields.
You create and configure parsers through the
Parsers UI page:
Figure 6. Parsers
See Parsing Data documentation for more information.
Files refers to
files that are used for importing metadata, to both enrich and filter your
results in LogScale using the
match() query function.
You create or import files through the
Files UI page:
Figure 7. Files
See Lookup Files for more information.
Figure 8. Settings
LogScale supports a number of keyboard shortcuts that make it easier to navigate around the user interface, and also make editing queries and text easier.
Among these, the Jump Panel allows jumping to any repositories or dashboards — from anywhere within the user interface, press Ctrl+O and start typing the item you want to filter:
Figure 9. The Jump Panel
For the full list of shortcuts you can use in LogScale, see the Keyboard Shortcuts dedicated documentation.
Manage Your Account & Settings
LogScale offers a range of global and account specific settings by clicking on your profile account icon in the top right corner:
Figure 10. Account & Settings
More specifically you can:
Manage account settings, like API tokens and appearance from the Managing Your Account for more information.menu item, see
Manage your users, groups and roles from the Managing Users & Permissions for more information on managing authorization in LogScale.menu item, see
Administrate your cluster nodes, Kafka and ZooKeeper clusters (ZooKeeper up to LogScale version 1.107 only), monitor queries, set query quotas and more from the Cluster Management for more information.menu item. See
LogScale Collector Fleet Management allows you to monitor and manage a fleet of collector instances. To access these instances, click on the tab at the top of the screen.
Figure 11. Fleet Management
This page allows you to access:
Where you can get information about your configured instances of the Log Collector. See LogScale Collector Managing your Fleet.
Where you can centrally manage the configuration of all enrolled instances, including assigning a single configuration file to multiple instances, switching or modifying the configuration assigned, and monitoring the ingest and status of your instances.
Where you can create tokens for enrolling new instances, see Managing LogScale Collector Instance Enrollment
LogScale Collector Download
Where you can download the Log Collector and an example configuration file, see Falcon LogScale Collector.