Searching Spans and Logs

In addition to the SQL-like query language, Uptrace allows you to search spans and logs using a more concise and natural query language.

Searching

Word filter

The simplest query is just a word, which must be found in the search scope.

For example, the query error will find the following logs:

err
error
ERROR
ERRor
an error just occurred

If the query consists of multiple words, all words must be found in the search scope. For example, the query error select will find the following logs:

error select
select error
an error has occurred when executing a select query

To search for multiple words at once, separate them with |. For example, the query select|update will find the following logs:

select
update
select update

Phrase filter

To search for logs that contain a phrase, simply quote the phrase with double quotes. The phrase can contain any characters, including spaces, punctuation, parentheses, etc.

For example, the query "select query" will find the following logs:

an error has occurred when executing a select query
select query

But it won't find the following logs:

query select
selecting a query

Regexp filter

To search for logs that contain a regular expression, prefix the expression with ~.

For example, the query ~err will find the following logs:

err
error
an_err
some error

If the regular expression contains a space, quote the expression with backticks:

~`\d{4} \w+`

Negative filter

To exclude logs that contain certain words or phrases, prefix the word with -.

For example, the query error -ssh will find error logs that don't have the word ssh.

Search scope

The search scope is a list of attributes that Uptrace will use for filtering. By default, the search scope is the current grouping expression. When grouping by _group_id, the search scope is the display_name attribute.

GroupingSearch Scope
group by _group_iddisplay_name
group by service_name, host_namedisplay_name, host_name
group by _group_id, service_namedisplay_name, service_name

You can change the search scope for words, phrases, and regexps like this:

host_name:host1 service_name:"hello world" ~foo:bar
Last Updated: