Logs quick reference
editLogs quick reference
editTo make the most of this quick reference, read this guide to learn how to create data views, and use two Kibana tools, Logs and Discover, to view and query your logs.
The following table contains key information about Enterprise Search logs, including log types, index patterns, and filenames:
-
The
event.datasetvalue makes it easier to filter by events when querying your logs. -
Filter
event.datasetfurther by finding the Elasticsearch index patterns for your logs of interest in the table below. Use these index patterns when creating data views in Kibana. - This table specifies which Elastic Cloud index patterns are intended to be used on your Enterprise Search deployment, versus your monitoring deployment, and whether a given index pattern matches hidden data streams and indices.
- Read this guide to learn how to create data views, and use the Kibana tools, Logs and Discover, to view and query your logs.
| Log type | Elasticsearch index pattern (Self-managed) | Elasticsearch index pattern (Cloud) | Local filename | event.dataset | Description |
|---|---|---|---|---|---|
API logs |
|
|
|
|
Enterprise Search API logs, including queries and inserts. |
App Search analytics |
|
|
|
|
App Search Analytics logs, including click-through and query metrics. |
Workplace Search analytics |
|
|
|
|
Workplace Search Analytics logs, including click-through and query metrics. |
Application logs |
N/A |
|
|
|
Main application logs, including API calls made to the server, errors and corresponding stack traces. When troubleshooting an issue, you will typically start here. Elasticsearch debug logs also appear here. |
Audit logs |
|
|
|
|
Log of events across Enterprise Search, useful for security-related auditing. |
Content sources events |
|
|
|
|
Workplace Search content sources events. |
Elastic web crawler logs |
|
|
|
|
Detailed Elastic web crawler logs. |
App Search crawler logs |
|
|
|
|
Detailed App Search web crawler logs. |
Filebeat process |
N/A |
N/A |
|
N/A |
Use these logs to confirm that Filebeat is correctly pushing events to Elasticsearch. |
JVM GC statistics |
N/A |
N/A |
|
N/A |
Java Virtual Machine (JVM) garbage collection statistics. |
Internal statistics |
N/A |
N/A |
|
N/A |
Timing statistics for various internal processes. |
System requests |
N/A |
|
|
|
Contains web requests, including method, status code, and parameters used. |
Internal worker jobs |
N/A |
|
|
|
High-level worker job queue logs. |
Search relevance suggestions events |
|
|
|
|
Created when Curations powered by Adaptive Relevance is enabled. Logs all adaptive relevance curation suggestion events. |
Search relevance suggestions system logs |
N/A |
N/A |
|
N/A |
Created when Curations powered by Adaptive Relevance is enabled. Logs all adaptive relevance curation suggestion details. |
Apply the Elastic Enterprise Search Filebeat configuration to ingest Enterprise Search log files into Elasticsearch.