As Nočnica Fee mentioned in last week's Nerdlog Roundup, logs are one of four fundamental components of observability (along with metrics, events, and traces). They include the most detail about the function of your application. In this week’s episode, the log management excitement and innovation continued with Julian Giuca, Barak Reif, Rebecca Holzschuh, and Aaron Bassett. They showed us how you can find patterns, partition or parse your log data, and use guided install to add log data to help you quickly and easily explore, organize, troubleshoot, and get insight into your entire stack.
Detect patterns and outliers in log data
We now offer a new capability that uses machine learning to cluster, detect patterns, and surface outliers in your log data automatically. Log patterns enable you to explore and group millions of log messages, all in a single click, to reduce the time for troubleshooting, identify unusual behavior, and find the most frequent or rarest sets of logs in your environment.
The best part about log patterns is that you can use them to create queries, alerts (i.e., when the frequency of data changes), drop rules (i.e., drop rules to eliminate unimportant data), and dashboards. That way, you can focus on what matters most to you.
The line chart shows the top 5 patterns over time. Use the time picker and query bar to adjust the results.
To get started with log patterns, click here or follow the instructions below:
- Head to one.newrelic.com.
- Select Logs.
- Use the account picker dropdown to select the target account where you want to explore patterns.
- In the left navigation of the Logs UI, click Patterns.
In the Nerdlog segment, Barak and Julian showcase the power of log patterns and share some exclusive tips and tricks for understanding what makes a good pattern and measuring the effectiveness of patterns. Watch it below:
Log patterns is currently in beta; contact your New Relic account manager to experience the power of this feature and look out for an on/off functionality directly in the UI in the coming weeks.
Check out our documentation to learn more about log patterns, availability, exploring logs with no patterns, and masked attributes and wildcards.
Parse logs faster with machine learning
Parsing and partitioning log data is also a key feature we’ve added to help you filter and organize logs and build better queries and alerts. By splitting unstructured data into attribute/value pairs, parsing log data can help you gain more insight into your stack.
The simplest way to organize your logs and how they are parsed is to include the logtype attribute in your log event. This field tells New Relic to parse logs using built-in rulesets. You can create custom rulesets to manage logs that are formatted and structured in a unique way.
To create a custom parsing rule, follow the instructions below:
- Head to one.newrelic.com.
- Select Logs.
- Use the account picker dropdown to select the target account where you want to manage parsing.
- In the left navigation of the Logs UI, click Parsing.
- Click the Create parsing rule button.
- Give the rule a name, choose an attribute and a value.
- Write your Grok pattern to define how you want the log parsed, and click Test Grok to test your rule.
- Click the Enable rule toggle and Save parsing rule button.
In the Nerdlog segment, Rebecca and Julian discuss log parsing and partitioning and give an overview of using log patterns to create alerts, queries, dashboards, and drop filters. Check it out below:
Review our documentation to learn more about Grok patterns, parsing limits, built-in parsing rulesets, and creating custom parsing rules.
Use guided install to add logs to New Relic One
Using our recently launched guided install feature, we’ve made it easy for you to add log data to New Relic One within minutes. Guided install helps you instrument your applications and infrastructure to start seeing your data in New Relic within minutes. With a single CLI command and the New Relic infrastructure agent, guided install discovers all the systems running on your hosts and automatically recommends instrumentation options to you.
To get started with guided install, click here (or click here if your account reports data through our EU data center) or follow the instructions below:
- Click Add More Data at the top right of your home screen.
- Select Guided install.
In the Nerdlog segment below, Julian and Rebecca walk us through the three-step guided install onboarding flow for quickly and easily adding your log data. Check it out below:
Next steps
Review our previous Nerdlog segment about guided install with Justin to learn more about guided install or head to our documentation. Recipes are also stored in YAML files in our Open Install Library, which allows you to modify them or even build your own for your own unique instrumentation needs.
Subscribe to our Nerdlog emails to get weekly updates about the latest features and releases from the people who built them. Join the Nerdlog discussion live every Thursday at 12 p.m. PT (8 p.m. UTC) on Twitch or follow along in What’s New.
If you're not a New Relic customer, sign up for your free account today.
The views expressed on this blog are those of the author and do not necessarily reflect the views of New Relic. Any solutions offered by the author are environment-specific and not part of the commercial solutions or support offered by New Relic. Please join us exclusively at the Explorers Hub (discuss.newrelic.com) for questions and support related to this blog post. This blog may contain links to content on third-party sites. By providing such links, New Relic does not adopt, guarantee, approve or endorse the information, views or products available on such sites.
