Skip to main content

grafana-logs-search-by-string

#post

Search Grafana Logs by String

  • example: marta asked me to tell her which users had looked at particular data in the app recently
  • translation:
    • output a list of user emails
    • who made queries that included the text “HT55”, “DLD1” or “RCM1” in their groupLabel param
    • over the past two months
  • I wouldn’t have known how to quickly do that from memory
  • show the query that accomplishes that
    • substring match approach
    • json field parsing approach? (would be preferable but I’ve had no luck figuring it out)
      • ask guild-observability? give them a link to a query that queries by string match (e.g. for status codes of 500+) and ask them to solve the puzzle of expressing that query without regex workaround? would ideally like to identify the field (?.status) and express the condition numerically (>= 500)
  • show the output
  • abstract the reusable takeaways

By string match

By regex match

file:grafana