EventLog Analyzer provides you with a handy 'Tagging' tool that makes your Log Search simpler and more effective.
'Tagging' tool bookmarks your logs and the next time you want to search for those logs, you can just search them by the tag name instead of typing the search query.
It gives the flexibility to associate multiple criteria to the same tag. This makes your Log Search easier by returning the search results for the multiple criteria in a single shot, just by the tag name.
For instance, you need to view all the logs of login denial across different sources such as UNIX, Windows and Oracle application logs, then you can associate them all in just one tag. This tag returns all the login denial logs in a single shot.
Tagging feature also provides you a room for adding/editing the search criteria, enabling you to refine your search anytime.
You can also add trouble shooting tips or notes along with your tag, that helps in providing information for other users in analyzing those logs.
This section explains you on
How to create a tag
To create a tag, go to the 'Search' tab,
- Specify the search criteria that returns the log you require
Beside the log messages and below the Field extraction icon, you will find the 'Assign Tag' icon
Click on 'Assign Tag' icon. This will open the Assign Tag UI
In the Assign Tag UI, provide the name of the tag
Select the tag criteria from the predefined list.Depending on the search result, the predefined list will have the search criteria.If the predefined list, does not have the field you are looking for, then configure those fields use the column selector available at the right top in search results pane
With 'Add Notes' field, you can substantiate the tag with troubleshooting tips/notes. This will help in analyzing and interpreting the tag results
Specify the user name. By default, the current user name (who had logged on to the EventLog Analyzer web client), will be displayed in the Username field
- After giving all appropriate values click on 'Apply' to save the tag
How to edit a tag
A tag's criteria can be edited either through
Settings tab > Edit/Del Tags. To know more on how to edit the tag criteria with this option refer How to edit tag criteria with Settings option
Search results page of the tag > Click on edit icon beside the tag name
With this option, you can
How to perform Log Search using a tag
To search for a tag, you need to prefix '#' before the tag name
Upon typing the first character of the tag name,EventLog Analyzer provides you an Auto-suggestion option for the tags to choose from
How to delete a tag
To delete a tag,go to
Settings tab> Tags > Edit/Del link
Click on the delete icon corresponding to the tag name in the tag table.
a. The tag name and the notes added to the tag should contain only alphanumeric characters
b. Tag criteria could be edited only by the user who created the tag and EventLog Analyzer users with Administrative privilege
c. Any user of EventLog Analyzer can add a note to tag, irrespective of the tag creator