This is an internal documentation. There is a good chance you’re looking for something else. See Disclaimer.


Getting Started


If you’re logging in for the first time see First Login

  1. Log in on

  2. Important predefined searches and dashboards:


    Links only work for admins.



    Nice applications logs


    Nice - OOM



    Nice - DB failed connect

    Failures to acquire connections.


    Nice - DB timeout

    Exceeded DB timeout. Exceeded global, Postgres-wide timeout or timeout on REST API.



    Nginx HTTP request logs



    Operations main dashboard



    Saved Objects lists all available searches, dashboards and virtualizations

    These searches come with predefined filters:


    Edit and enable filter kubernetes.namespace_name: “nice-master” filter to filter logs of a specific installation.


Admin users have two tenants, admin and Private. In order to see any of the predefined objects (searches, dashboards, etc.), change to tenant admin. This will happen automatically if you follow any of the above links. This is not available for non-admin users and objects need to be imported as described in First Login.

While you are admin all changes to objects, including creating new objects, will be done globally for all admin users. Change to tenant Private to create personal objects.

Technical details: TOCO-513

Advanced Usage

Select a Time Range


Filter by Project / Installation


To search in all installations, you can use the following Query DSL:

{ "query": { "prefix": { "kubernetes.namespace_name": { "value": "nice-" }}}}

Note the Edit Query DSL in the above screenshot. This filter is active by default in the predefined searches listed in Getting Started.

Filter by Container


Available containers for Nice:


Application logs


Request logs

Predefined searches, see Getting Started, already filter the corresponding container.

View Surrounding Documents

Show logs directly before/after a message:


Query Syntax

  1. Search for ModelException in field stack_trace.

  2. The word ERROR must be contained in the result. Without the +, the results matching closest the query are returned even if they don’t contain all search terms.

  3. Filter out all results that contain the word runtime.

  4. Search for the phrase some text rather than the words some and text. You may also have to use quotes if the search term contains special characters. For instance, if it contains a hyphen, like start-up, it is treated as two words. Using "start-up" avoids this. In case you want to search a particular field, use message:"my search term".

More about Lucene Query Syntax

Add Columns


You can use the panel on the left or the detail view to show more columns.

Filter by Fields


By using the +/- magnifying glasses in the detail view, you can filter based on a field’s value.

Nice Logs

Searching for Similar Exceptions

  1. Open entry detail

  2. Filter by structured.stack_hash [1]

First Login

Check if you are an admin user:


If yes, follow instructions in Admin Users. Else follow those in Non-Admin Users.

Admin Users

On first login the index patterns need to be setup as follows:

  1. Set index pattern to ‘*’ (asterisk).

  2. Select ‘@timestamp’ as Time Filter field name and proceed to Discover.


See also Getting Started.

Non-Admin Users

  1. Download kibana_objects.json

  2. Import objects: