This is an internal documentation. There is a good chance you’re looking for something else. See Disclaimer.

Logs

Getting Started

Hint

If you’re logging in for the first time see First Login

  1. Log in on https://kibana-openshift-logging.apps.openshift.tocco.ch.

  2. Important predefined searches and dashboards:

    Hint

    Links only work for admins.

    Search

    Nice

    Nice applications logs

    Search

    Nice - OOM

    OutOfMemoryErrors

    Search

    Nice - DB failed connect

    Failures to acquire connections.

    Search

    Nice - DB timeout

    Exceeded DB timeout. Exceeded global, Postgres-wide timeout or timeout on REST API.

    Search

    Nginx

    Nginx HTTP request logs

    Dashboard

    Ops

    Operations main dashboard

    *

    *

    Saved Objects lists all available searches, dashboards and virtualizations

    These searches come with predefined filters:

    ../../_images/predefined_filters.png

    Edit and enable filter kubernetes.namespace_name: “nice-master” filter to filter logs of a specific installation.

Important

Admin users have two tenants, admin and Private. In order to see any of the predefined objects (searches, dashboards, etc.), change to tenant admin. This will happen automatically if you follow any of the above links. This is not available for non-admin users and objects need to be imported as described in First Login.

While you are admin all changes to objects, including creating new objects, will be done globally for all admin users. Change to tenant Private to create personal objects.

Technical details: TOCO-513

Advanced Usage

Select a Time Range

../../_images/time.png

Filter by Project / Installation

../../_images/filter_install.png

To search in all installations, you can use the following Query DSL:

{ "query": { "prefix": { "kubernetes.namespace_name": { "value": "nice-" }}}}

Note the Edit Query DSL in the above screenshot. This filter is active by default in the predefined searches listed in Getting Started.

Filter by Container

../../_images/filter_container.png

Available containers for Nice:

nice

Application logs

nginx

Request logs

Predefined searches, see Getting Started, already filter the corresponding container.

View Surrounding Documents

Show logs directly before/after a message:

../../_images/surrounding_documents.png

Query Syntax

../../_images/query.png

  1. Search for ModelException in field stack_trace.

  2. The word ERROR must be contained in the result. Without the +, the results matching closest the query are returned even if they don’t contain all search terms.

  3. Filter out all results that contain the word runtime.

  4. Search for the phrase some text rather than the words some and text. You may also have to use quotes if the search term contains special characters. For instance, if it contains a hyphen, like start-up, it is treated as two words. Using "start-up" avoids this. In case you want to search a particular field, use message:"my search term".

More about Lucene Query Syntax

Add Columns

../../_images/add_column.png

You can use the panel on the left or the detail view to show more columns.

Filter by Fields

../../_images/filter_by_field.png

By using the +/- magnifying glasses in the detail view, you can filter based on a field’s value.

Nice Logs

Searching for Similar Exceptions

../../_images/stack_hash.png

  1. Open entry detail

  2. Filter by structured.stack_hash [1]

First Login

Check if you are an admin user:

../../_images/admin_tenant.png

If yes, follow instructions in Admin Users. Else follow those in Non-Admin Users.

Admin Users

On first login the index patterns need to be setup as follows:

  1. Set index pattern to ‘*’ (asterisk).

    ../../_images/setup1.png

  2. Select ‘@timestamp’ as Time Filter field name and proceed to Discover.

    ../../_images/setup2.png

See also Getting Started.

Non-Admin Users

  1. Download kibana_objects.json

  2. Import objects:

    ../../_images/import.png

Footnotes