Query your logs
groundcover supports a rich set of features for log management, from collection to analysis. In addition, it fully supports defining alerts and dashboards based on a variety of attributes in your logs. This guide will explore how to get started querying your logs in our embedded Grafana.
The ClickHouse datasource
groundcover uses ClickHouse as its database for storing logs. When building log based alerts or dashboards in our embedded Grafana, the ClickHouse datasource needs to be selected in order to query the logs stored.
Querying the Logs table
ClickHouse supports standard SQL syntax, which can be used to query the table storing your logs.
For example, the following query will return the count of logs in the selected time range:
Commonly used fields in the Logs table
Below is a list of the most commonly used fields in the Logs table, which should serve the majority of the use cases for alerting.
Can't find what you're looking for? Let us know over Slack!
| Name | Type | Notes |
|---|---|---|
timestamp | DateTime64 | |
content | String |
|
cluster | String | |
workload | String | |
namespace | String | k8s only |
pod_name | String | k8s only |
node_name | String | k8s only |
level | String | lower-cased, e.g: 'info', 'error', 'fatal'... |
format | String | 'json', 'logfmt'... |
env | String | See support for env name |
string_attributes | Map(String,String) | String attributes extracted from formatted logs; empty for unformatted logs |
float_attributes | Map(String, Float64) | Numeric attributes extracted from formatted logs; empty for unformatted logs |
Last updated
