LOGIQ Log2Metrics is a powerful feature that helps you convert your log data into a real-time metric. Using Log2Metrics, you can visualize your log data, plot distributions, create a custom index, and create alerts for events.
You can create new metrics from a log line in either the Logs page or the Search page of your LOGIQ UI. To create a new metric, click the three dots on a log line that you want to create a metric for. Doing so opens the options menu, as shown in the following image. From the options menu, click create metric.
You will now see the Log2Metric modal on the LOGIQ UI. To configure your new metric, fill out the fields in the Log2Metric modal appropriately.
The following table describes each of the fields in the Log2Metric modal.
Name of the Log2Metric
Set the severity level to low, medium, high, or critical.
Select a predefined group or add a new one.
A human-readable description of the Log2Metric.
Logs Namespace in which to create the Log2Metric.
This is an auto-populated field that is editable. You can use regex to match applications as well.
Labels for the Log2Metric. This field is not mandatory and can be used to create a group-by expression.
Label for Visualization
Used to visualize data. Visualizations are grouped by the label configured in this field.
Add tags to query
Tags that can be used to filter queries in the UI
You can also click Add more parameters to add more parameters to filter your logs by, as shown in the following image.
The configuration depicted in the image above creates a Log2Metric named
ingress_status_codes__e1034e. LOGIQ adds the suffix
__e1034 internally as a unique identifier for the Log2Metric. Once the Log2Metric is created, it adds its visualization to your dashboard. The following image depicts the visualization of the newly-created
Log2Metrics definitions also create custom indices that can be used to speed up search. Based on the definition, there can be multiple custom indices. The definition used in the example above creates two custom indices:
e1034e. You can use both of these indices to search for logs that match the definition. Based on what you enter in the Labels field of the Log2Metric configuration, additional indices may be created. For example, based on the definition used in the example above, if there are logs that match the status code
401 , an additional index is created named
ingress_status_codes__e1034e_status_code_401that can be used for searching for occurrences of logs that contain the status code