Introduction

Cavisson NetForest is the next generation log monitoring and analysis software that makes use of server logs to troubleshoot performance issues and understand user's behavior. NetForest Home page consists of a right navigation pane that contains menu items, such as: Search, Clear, Open Save Log Query and Time icon.

Right Navigation Panel

  • Search: You can search the indices that match the current index pattern by entering the search criteria in the Query Search Bar. You can perform a simple text search or use the NetForest query syntax.
  • Clear: Click on the Clear button to clear the search query
  • Saved Log Query: You can see the save log query by clicking on the Open saved query button a dialog box will appear where you can see the save query table.
  • Histogram: You can see the log information in graphical format by clicking on the Histogram button.histogram graph is a visualization which provides a graphical representation of data distribution based on a field value. In histogram, you can also see the frequency or count of events falling within a specific range in a Bar or Chart format.
  • Table: You can also see the log information in tabular format by clicking on the Table button.
    • Click on the Close button to close both histogram and table.
  • Kebab Menu: Click on the Open Menu button to perform the following actions which are listed below:
    • Save Query: This is used for saving the current query for the future use.
    • Group/Ungroup Similar Logs: This is used for grouping/ungrouping the similar logs in a single view.
    • Export: This is used for downloading all the log data in Excel format.
    • Show: It has following options
      • Show Request: This is used for displaying the request send by NetForest to the database for retrieving the logs. The logs are shown in JSON format.
      • Show Response: This is used for displaying the corresponding response that NetForest receives after sending the view logs in JSON format
      • Show Statics: This is used for displaying the query duration time, request duration time, hits and the index used in the query.
      • Show Extracted Fields: This is used for displaying saved extracted fields from a larger dataset, such as from logs, files, or databases, for easier review and analysis.
    • Toggle Columns: This is used to show/hide a column in the log table. In this case, there are two columns on which this can be applied i.e.: Diff (ms) and Elapsed (ms).

Note: After clicking at logs at top of the UI it will displays two options Log Details and Exception will be explained below:

Log Details

In the log information field, you can see the detailed information related to the logs. To see the detailed log information, you have to click on the Expand button where you can see the following information which are listed below:

  • Message
  • IP
  • Tier
  • Flowpath
  • Path
  • Environment
  • Type
  • Response Time
  • Http Status Code
  • Test Run
  • Timestamp

Time

In time, you can see the current as well as past date and time of the logs which have been created. The date and time will be shown in the MM/DD/YY and HH:MM:SS:MS formats respectively.

Log Information Data Options

When a user selects any log information data, it will show three options: Search, Log Monitor, and Extract Fields.

  • Search: This option allows the user to search through the log information to find specific data. It could include searching by keywords, timestamps, or other log attributes.
  • Log Monitor: This option enables the user to monitor log data in real-time or over a specific period. It could involve setting up alerts for specific events, viewing live log streams, or analyzing log trends.
  • Extract Fields: This option allows the user to extract specific fields from the message data. It could involve parsing the message entries to pull out specific pieces of information (e.g., IP addresses, error codes) and possibly rewriting or reformatting the extracted data.

Expand Table

You can see the log information in TABLE and JSON format by clicking on the Expand Table button.

In the table format, you can also filters out the values on the basis of the fields given by clicking on the Open Menu button. you can use the following options for filtering the table which are listed below:
  • Filter for Value: In this option, you can filter the log information on the basis of selected field's value.Example: In case you apply the filter on field ip having value localhost the logs will be formatted and will only show that logs which will have ip value as localhost
  • Filter out Value: In this option, you can filter out the log information on the basis of the field's values provided for the filter. Example: In case you apply the filter on field ip having value localhost the logs will be formatted and will only show that logs which will not have ip value as localhost
  • Filter for Field Present: In this option, you can filter fields on the basis of selected field's.Example: In case you apply the filter on field ip having value localhost the logs will be formatted and will only show that logs which will have field ip.

Count

In count column, you can see the total number of the similar log key values. You can see the log key count value only if you select Group Similar Logs option.

Open Menu

In open menu, you can see the following options which are listed below:
  • Show All Logs By Fpi: In this option, it will display the log values which are related to that particular flowpath index
  • Open Transaction By Fpi: In this option, it will redirect you to the ND Transaction Flowpath page for the particular fpi.
  • Open Timing By Fpi: In this option, it will redirect you to the open timing page of the NV.
  • Open Replay By Fpi: In this option, it will redirect you to the open replay page of the NV.
  • Follow Log Stream: In this option, it will display the log values which are related to that particular logstream with an interval defined in log query settings i.e 2 min before and 2min after to the current time stamp.

Fields

You can add a field from the left pane where all fields are listed.To add a particular field mouse-hover over that field and click on the Add Field button,To remove selected field click on the Remove Field button.

Filters

You can also apply filters(plus and minus) on field values first you will have to select the field by clicking on the checkbox
  • Plus: You can then click on the Filter for value button.It will provide the logs which will include the applied field value
  • Minus: You can then click on the Filter out value button.It will provide the logs which will not include the applied field value
  • Quick Count: This indicates that there have been several counts of activity and the data displayed represents all of these counts. and field address is responsible for percentage of the total requests.

Filter Field

When you apply the filter fields mentioned above, a "Filter Applied" screen will appear at the top right of the screen. Users can expand this screen by clicking on the expand icon, revealing the filter fields on the left side of the screen. To remove an applied filters, users simply click the cross icon located at the top left of the screen. Furthermore, there is an option disable all on the right side of the screen to disable filters for all fields simultaneously.

Expand and Hide

To hide the left panel, click on the Hidebutton.To expand the left panel, click on the Expandbutton.