Lab 1 - Search Basics: Metadata and Keywords
In this lab, you will learn the use of metadata and keywords to narrow your search scope and improve performance.
-
Search for all messages with _sourceCategory=Labs/Apache/Access for the last 15 minutes.
_sourceCategory=Labs/Apache/Access
-
To identify client errors, narrow your search for only those with "404".
_sourceCategory=Labs/Apache/Access AND 404
-
Use Boolean logic to search for log lines matching "Error" or "check" or "checkout".
_sourceCategory=Labs/Apache/Access AND (Error OR check*)
-
In a new tab, search for messages with _sourceCategory=Labs/Apache/Error for the last 45 minutes (-45m).
_sourceCategory=Labs/Apache/Error
-
Search across both Labs/Apache/Access and Labs/Apache/Error Source Categories:
_sourceCategory=Labs/Apache/Error OR _sourceCategory=Labs/Apache/Access
-
Search across both Labs/Apache/Access and Labs/Apache/Error Source Categories using wildcards:
_sourceCategory=Labs/Apache/*
-
Run a Live Tail search for Labs/Apache/Access for messages containing 404s. Notice Live Tail sessions do support wildcards searches.
_sourceCategory=Labs/Apache/Access 404
|
QUIZ: True or False
|