Help Document

Search

Log360 Cloud enables you to search through the log data collected from your on-premises environment.

Steps to perform a search

  • Click on Pick Device.
  • In the provided space, enter the search term.
    Note: The search operation is case sensitive.
  • Click on Search.
Search

Search terms

Single character wildcard search: Use the " ? " symbol.

Multiple character wildcard search: Use the " * " symbol.

Example: To list all the user with "ali" in their username, enter Username = ali*

Phrase searches: Enclose the phrase in double quotes.

Example: eventTime = "2017-07-31T04:02:17Z"

Boolean searches: Use the operators AND, OR, NOT.

Example: To list all the users who are not administrators, Username != admin.

Grouped searches: To list all the events with critical severity performed by either admin or operator, enter severity = critical AND ( Username = admin OR Username = operator)

Range searches: Search for a range of values using square brackets. Ex: USERNAME = [alice TO charlie] will return all the logs with usernames from Alice to Charlie.