Using analytical UI, you can interact with raw events granularly using facets and facets statistics. We build facets from each key-value pair in the log event. Facets allow you precisely search, find and analyze your data. In this section, we explain different components of the Analytical UI.
1. Navigation
This gives you access to different analytical UI functionalities.
- Dashboards
- Your Personalized dashboards to monitor new log events
- Events
- Access to raw events and analysis
- Metrics
- Analysis of metrics using time series
- Outliers
- Automated detection of outlier fields and data points
Additionally, if you configure custom aggregations, it will be added to the list of navigation tabs here.
2. Query Builder
Query Builder is a convenient and fluent way to build multi-select and multi-faceted queries using in-depth analysis of data. It gives you access to all facets and facet statistics. For each clause added-to or delete-from the query expression, a real-time analysis is performed, and you will immediately see the analysis of search results in the query builder. The Query builder is available to you on every tab in a consistent manner.
3. Current Query Expression
Current query expression is presented in a way using which you can add or delete any clause from the expression.
4. Time Series
The times series chart allows you to correlate the value distribution of any facet with time. Note that a facet is created for each key-value pair in the log event. Thus, time series is available for each attribute in the event.
5. Facets
We organize your data in facets. They show you the breakdown of search results along each dimension (facet) for context and correlation of objects. You can use them to drill-down results, change the direction of your search and interact with your data.
6. Advanced JSON viewer
The advanced JSON viewer shows details of the log event. Using the JSON viewer, you can:
- Easily view contents of a deeply nested JSON event.
- Either expand or collapse objects
- Flexibly scroll through the event body
- Further narrow the search by clicking on any value.
- See the highlighted search terms in the event body.