Query your logs
Last updated
Last updated
groundcover supports a rich set of features for log management, from collection to analysis. In addition, it fully supports defining alerts and dashboards based on a variety of attributes in your logs. This guide will explore how to get started querying your logs in our embedded Grafana.
groundcover uses ClickHouse as its database for storing logs. When building log based alerts or dashboards in our embedded Grafana, the ClickHouse datasource needs to be selected in order to query the logs stored.
See this page for examples you can get started with!
ClickHouse supports standard SQL syntax, which can be used to query the table storing your logs.
For example, the following query will return the count of logs in the selected time range:
Below is a list of the most commonly used fields in the Logs table, which should serve the majority of the use cases for alerting.
Can't find what you're looking for? Let us know over Slack!
| Name | Type | Notes |
|---|---|---|
timestamp
DateTime64
content
String
content log attribute if exists, entire log body otherwise
cluster
String
workload
String
namespace
String
k8s only
pod_name
String
k8s only
node_name
String
k8s only
level
String
lower-cased, e.g: 'info', 'error', 'fatal'...
format
String
'json', 'logfmt'...
env
String
See support for env name
string_attributes
Map(String,String)
String attributes extracted from formatted logs; empty for unformatted logs
float_attributes
Map(String, Float64)
Numeric attributes extracted from formatted logs; empty for unformatted logs
ClickHouse datasource for working with logs