Sample Elasticsearch Queries for Searching Logs
This page provides sample Elasticsearch Query String (QS) examples to help you construct search queries for filtering and exploring logs.
Steps
1. In Pulse, go to Logs from the left navigation bar.
2. On the Logs page, select the search type as Elastic QS.
3. Use the following sample Elastic QS queries to search logs.
Examples
- To search logs by a message string, Receiving BP-18:

  message:Receiving BP-18

- To search logs by a message string on a particular host:

  message:Receiving BP-18 AND host.name.keyword:host4.acceldata.dev

- To search application logs of a specific service:

  fields.component:hdfs_datanode

Search Keywords Allowed
The following keywords can be used in search queries:
| Keyword | Description | Example |
|---|---|---|
| fields.component | Search within services. | fields.component:hive_server |
| host.name.keyword | Filter by host name. | host.name.keyword:host2.acceldata.dev |
| source.keyword | Filter by source location. | source.keyword:/var/log/hive/hiveserver2.log |
| loglevel | Search within log levels: Info, Debug, Warn, or Error. | loglevel:INFO |
| Boolean operators AND, OR | Combine search conditions. | loglevel:INFO AND fields.component:hive_server |
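
The following is an added example, not part of the Pulse documentation. When a script assembles Elastic QS strings from external input (an alert field, a ticket value), quoting each value keeps operators such as OR or * inside that value literal instead of widening the search. It assumes Pulse hands the string to Elasticsearch's standard query string parser; the quoted form and the function names are this example's own choices.

```python
# Added example: build Elastic QS strings from field/value pairs.
# Field names are the ones shown on this page; helper names are hypothetical.
ALLOWED_FIELDS = {
    "message", "fields.component", "host.name.keyword",
    "source.keyword", "loglevel",
}
LOG_LEVELS = {"INFO", "DEBUG", "WARN", "ERROR"}


def quote_value(value: str) -> str:
    """Return value as a quoted phrase so operators inside it stay literal."""
    if any(ord(ch) < 0x20 for ch in value):
        raise ValueError("control characters are not allowed in a search value")
    # Inside double quotes only the backslash and the quote need escaping.
    escaped = value.replace("\\", "\\\\").replace('"', '\\"')
    return f'"{escaped}"'


def term(field: str, value: str) -> str:
    """Build one field:value condition, rejecting fields not listed above."""
    if field not in ALLOWED_FIELDS:
        raise ValueError(f"unsupported field: {field!r}")
    if field == "loglevel":
        level = value.upper()
        if level not in LOG_LEVELS:
            raise ValueError(f"unknown log level: {value!r}")
        return f"loglevel:{level}"
    return f"{field}:{quote_value(value)}"


def build_query(terms, operator: str = "AND") -> str:
    """Join (field, value) pairs with a single Boolean operator."""
    if operator not in ("AND", "OR"):
        raise ValueError("operator must be AND or OR")
    parts = [term(field, value) for field, value in terms]
    if not parts:
        raise ValueError("at least one term is required")
    return f" {operator} ".join(parts)


if __name__ == "__main__":
    # Constructed inputs: the page's own sample, then a value carrying operators.
    print(build_query([("message", "Receiving BP-18"),
                       ("host.name.keyword", "host4.acceldata.dev")]))
    print(build_query([("message", 'x" OR loglevel:*')]))
```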