### Describe Your Changes
Add search functionality to the column display settings in the table
#6668
![image](https://github.com/user-attachments/assets/e9bd52c3-6428-4d4f-8b7f-d83dd80b6912)
### Checklist
The following checks are **mandatory**:
- [ ] My change adheres [VictoriaMetrics contributing
guidelines](https://docs.victoriametrics.com/contributing/).
---------
Signed-off-by: hagen1778 <roman@victoriametrics.com>
Co-authored-by: hagen1778 <roman@victoriametrics.com>
(cherry picked from commit e35237920a
)
51 KiB
weight | title | menu | aliases | |||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
7 | CHANGELOG |
|
|
The following tip
changes can be tested by building VictoriaLogs from the latest commit of VictoriaMetrics repository
according to these docs
tip
-
FEATURE: web UI: add support for displaying the top 5 log streams in the hits graph. The remaining log streams are grouped into an "other" label. See this issue.
-
FEATURE: web UI: add the ability to customize the graph display with options for bar, line, stepped line, and points.
-
FEATURE: web UI: add fields for setting AccountID and ProjectID. See this issue.
-
FEATURE: web UI: add a toggle button to the "Group" tab that allows users to expand or collapse all groups at once.
-
FEATURE: web UI: introduce the ability to select a key for grouping logs within the "Group" tab.
-
FEATURE: web UI: display the number of entries within each log group.
-
FEATURE: web UI: move the Markdown toggle to the general settings panel in the upper left corner.
-
FEATURE: web UI: add search functionality to the column display settings in the table. See this issue.
-
FEATURE: web UI: add the ability to select all columns in the column display settings of the table. See this issue. Thanks to @yincongcyincong for the pull request.
-
BUGFIX: properly handle Logstash requests for Elasticsearch configuration when using
outputs.elasticsearch
in Logstash pipelines. Previously, the requests could be rejected with400 Bad Request
response. -
BUGFIX: vmui: fix
not found index.js
error when loading vmui in VictoriaLogs. See this issue. Thanks to @yincongcyincong for the pull request.
v0.28.0
Released at 2024-07-10
- FEATURE: web UI: show a spinner on top of bar chart until user's request is finished. See this issue.
- FEATURE: web UI: use compact representation of JSON lines at
JSON
tab if only a single log field is queried. See this feature request. - FEATURE: web UI: properly show the number of matching logs on the selected time range at bar chart for queries with arbitrary pipes, including
stats
pipe andtop
pipe.
v0.27.1
Released at 2024-07-05
- BUGFIX: properly JSON-encode strings with special chars in HTTP querying API responses. This fixes the
error decode response: invalid character 'x' in string escape code
error in VictoriaLogs datasource for Grafana. See this issue. The issue has been introduced in the release v0.9.0.
v0.27.0
Released at 2024-07-02
-
FEATURE: add
-syslog.useLocalTimestamp.tcp
and-syslog.useLocalTimestamp.udp
command-line flags, which could be used for using the local timestamp as_time
field for the logs ingested via the corresponding-syslog.listenAddr.tcp
/-syslog.listenAddr.udp
. By default the timestap from the syslog message is used as_time
field. See these docs. -
BUGFIX: make slowly ingested logs visible for search as soon as they are ingested into VictoriaLogs. Previously slowly ingested logs could remain invisible for search for long time.
v0.26.1
Released at 2024-07-01
- BUGFIX: return the proper surrounding logs for
stream_context
pipe when additional pipes are put after thestream_context
pipe. This has been broken in v0.26.0.
v0.26.0
Released at 2024-07-01
- FEATURE: add ability to return log position (aka rank) after sorting logs with
sort
pipe. This can be done by addingrank as <fieldName>
to the end of| sort ...
pipe. For example,_time:5m | sort by (_time) rank as position
instructs storing position of every sorted log line intoposition
field name. - FEATURE: add delimiter log with
---
message between log chunks returned bystream_context
pipe. This should simplify investigation of the returned logs. - FEATURE: reduce memory usage when big number of context logs are requested from
stream_context
pipe.
v0.25.0
Released at 2024-06-28
-
FEATURE: add ability to select surrounding logs in front and after the selected logs via
stream_context
pipe. This functionality may be useful for investigating stacktraces, panics or some correlated log messages. This functionality is similar togrep -A
andgrep -B
. -
FEATURE: add ability to return top
N
"fields"
groups from/select/logsql/hits
HTTP endpoint, by specifyingfields_limit=N
query arg. This query arg is going to be used in this feature request. -
BUGFIX: fix
runtime error: index out of range [0] with length 0
panic when empty lines are ingested via Syslog format by Cisco controllers. See this issue.
v0.24.0
Released at 2024-06-27
-
FEATURE: add
/select/logsql/tail
HTTP endpoint, which can be used for live tailing of LogsQL query results. See these docs for details. -
FEATURE: add
/select/logsql/stream_ids
HTTP endpoint, which can be used for returning_stream_id
values with the number of hits for the given LogsQL query. See these docs for details. -
FEATURE: add
-retention.maxDiskSpaceUsageBytes
command-line flag, which allows limiting disk space usage for VictoriaLogs data by automatic dropping the oldest per-day partitions if the storage disk space usage becomes bigger than the-retention.maxDiskSpaceUsageBytes
. See these docs. -
BUGFIX: properly take into account query timeout specified via
-search.maxQueryDuration
command-line flag and/or viatimeout
query arg. Previously these timeouts could be ignored during query execution. -
BUGFIX: web UI: fix the update of the relative time range when
Execute Query
is clicked. See this issue.
v0.23.0
Released at 2024-06-25
-
FEATURE: syslog data ingestion: parse STRUCTURED-DATA into
SD-ID.field1=value1
,SD-ID.field2=value2
, ...,SD-ID.fieldN=valueN
log fields. Previously theSTRUCTURED-DATA
was parsed into a single log field with theSD-ID
name andfield1=value1 field2=value2 ... fieldN=valueN
value. This could complicate querying of such data. -
BUGFIX: properly parse timestamps with timezones during data ingestion and querying. This has been broken in v0.20.0. See this issue.
v0.22.0
Released at 2024-06-24
- FEATURE: allow specifying multiple
_stream_id
values in_stream_id
filter via_stream_id:in(id1, ..., idN)
syntax. - FEATURE: allow specifying subquery for searching for
_stream_id
values inside_stream_id
filter. For example,_stream_id:in(_time:5m error | fields _stream_id)
returns logs for logs streams with theerror
word across logs for the last 5 minutes.
v0.21.0
Released at 2024-06-20
- FEATURE: web UI: add a bar chart displaying the number of log entries over a time range. See this issue.
- FEATURE: expose
_stream_id
field, which uniquely identifies log streams. This field can be used for quick obtaining of all the logs belonging to a particular stream via_stream_id
filter.
v0.20.2
Released at 2024-06-18
- BUGFIX: properly parse timestamps with nanosecond precision for logs ingested via jsonline format. The bug has been introduced in v0.20.0 release.
v0.20.1
Released at 2024-06-18
-
FEATURE: allow configuring multiple receivers with distinct configs for syslog messages. See these docs.
-
BUGFIX: properly read syslog messages over TCP and TLS connections according to RFC5425 when data ingestion for syslog protocol is enabled.
v0.20.0
Released at 2024-06-17
- FEATURE: add ability to accept logs in Syslog format. See these docs.
- FEATURE: add ability to specify timezone offset when parsing rfc3164 syslog messages with
unpack_syslog
pipe. - FEATURE: add
top
pipe for returning top N sets of the given fields with the maximum number of matching log entries.
v0.19.0
Released at 2024-06-11
-
FEATURE: do not allow starting the filter with pipe names and stats function names. This prevents from unexpected results returned by incorrect queries, which miss mandatory filter.
-
FEATURE: treat unexpected syslog message as RFC3164 containing only the
message
field when usingunpack_syslog
pipe. -
FEATURE: allow using
where
prefix instead offilter
prefix infilter
pipe. -
FEATURE: disallow unescaped
!
char in LogsQL queries, since it permits writing incorrect query, which may look like correct one. For example,foo!:bar
instead offoo:!bar
. -
FEATURE: web UI: add markdown support to the
Group
view. See this pull request. -
BUGFIX: return back the improved performance for queries with
*
filters (akaSELECT *
). This has been broken in v0.16.0.
v0.18.0
Released at 2024-06-06
- FEATURE: web UI: improve displaying of logs. See this pull request and the following issues: 6408, 6405, 6406 and 6407.
- FEATURE: add support for day range filter and week range filter. These filters allow selecting logs on a particular time range per every day or on a particular day of the week.
- FEATURE: allow using
eval
instead ofmath
keyword inmath
pipe.
v0.17.0
Released at 2024-06-05
-
FEATURE: add
pack_logfmt
pipe for formatting log fields into logfmt messages. -
FEATURE: allow using IPv4 addresses in range comparison filters. For example,
ip:>'12.34.56.78'
is valid filter now. -
FEATURE: add
ceil()
andfloor()
functions tomath
pipe. -
FEATURE: add support for bitwise
and
,or
andxor
operations atmath
pipe. -
FEATURE: add support for automatic conversion of RFC3339 time and IPv4 addresses into numeric representation at
math
pipe. -
FEATURE: add ability to format numeric fields into string representation of time, duration and IPv4 with
format
pipe. -
FEATURE: set
format
field torfc3164
orrfc5424
depending on the Syslog format parsed viaunpack_syslog
pipe. -
BUGFIX: always respect the limit set in
limit
pipe. Previously the limit could be exceeded in some cases.
v0.16.0
Released at 2024-06-04
- FEATURE: add
unpack_syslog
pipe for unpacking syslog messages from log fields. - FEATURE: parse timestamps in
_time
filter with nanosecond precision. - FEATURE: return the last
N
matching logs from/select/logsql/query
HTTP API with the maximum timestamps iflimit=N
query arg is passed to it. Previously a random subset of matching logs could be returned, which could complicate investigation of the returned logs. - FEATURE: add
drop_empty_fields
pipe for dropping log fields with empty values.
v0.15.0
Released at 2024-05-30
-
FEATURE: add
row_any
function forstats
pipe. This function returns a sample log entry per every calculated group of results. -
FEATURE: add
default
operator tomath
pipe. It allows overridingNaN
results with the given default value. -
FEATURE: add
exp()
andln()
functions tomath
pipe. -
FEATURE: allow omitting result name in
math
pipe expresions. In this case the result name is automatically set to string representation of the corresponding math expression. For example,_time:5m | math duration / 1000
is equivalent to_time:5m | math (duration / 1000) as "duration / 1000"
. -
FEATURE: allow omitting result name in
stats
pipe. In this case the result name is automatically set to string representation of the corresponding stats function expression. For example,_time:5m | count(*)
is valid LogsQL query now. It is equivalent to_time:5m | stats count(*) as "count(*)"
. -
BUGFIX: properly calculate the number of matching rows in
* | field_values x | stats count() rows
and in* | unroll (x) | stats count() rows
queries.
v0.14.0
Released at 2024-05-29
-
FEATURE: allow specifying fields, which must be packed into JSON in
pack_json
pipe viapack_json fields (field1, ..., fieldN)
syntax. -
BUGFIX: properly apply
if (...)
filters to calculated results instats
pipe when grouping by fields is enabled. For example,_time:5m | stats by (host) count() logs, count() if (error) errors
now properly calculates per-host
errors
.
v0.13.0
Released at 2024-05-28
- FEATURE: add
extract_regexp
pipe for extracting arbitrary substrings from log fields with RE2 regular expressions. - FEATURE: add
math
pipe for mathematical calculations over log fields. - FEATURE: add
field_values
pipe, which returns unique values for the given log field. - FEATURE: allow omitting
stats
prefix instats
pipe. For example,_time:5m | count() rows
is a valid query now. It is equivalent to_time:5m | stats count() as rows
. - FEATURE: allow omitting
filter
prefix infilter
pipe if the filter doesn't clash with pipe names. For example,_time:5m | stats by (host) count() rows | rows:>1000
is a valid query now. It is equivalent to_time:5m | stats by (host) count() rows | filter rows:>1000
. - FEATURE: allow
head
pipe without number. For example,error | head
. In this case 10 first values are returned ashead
Unix command does by default. - FEATURE: allow using comparison filters with strings. For example,
some_text_field:>="foo"
matches log entries withsome_text_field
field values bigger or equal tofoo
.
v0.12.1
Released at 2024-05-26
-
FEATURE: add support for comments in multi-line LogsQL queries. See these docs.
-
BUGFIX: properly apply
in(...)
filter insideif (...)
conditions at various pipes. This bug has been introduced in v0.12.0.
v0.12.0
Released at 2024-05-26
-
FEATURE: add
pack_json
pipe, which packs all the log fields into a JSON object and stores it into the given field. -
FEATURE: add
unroll
pipe, which can be used for unrolling JSON arrays stored in log fields. -
FEATURE: add
replace_regexp
pipe, which allows updating log fields with regular expressions. -
FEATURE: improve performance for
/select/logsql/field_names
HTTP API. -
BUGFIX: prevent from panic in
sort
pipe when VictoriaLogs runs on a system with one CPU core. -
BUGFIX: do not return referenced fields if they weren't present in the original logs. For example,
_time:5m | format if (non_existing_field:"") "abc"
could return emptynon_exiting_field
, while it shouldn't be returned because it is missing in the original logs. -
BUGFIX: properly initialize values for
in(...)
filter insidefilter
pipe if thein(...)
contains other filters. For example,_time:5m | filter ip:in(user_type:admin | fields ip)
now works correctly.
v0.11.0
Released at 2024-05-25
- FEATURE: add
replace
pipe, which allows replacing substrings in log fields. - FEATURE: support comparing log field values with special numeric values. For example,
duration:>1.5s
andresponse_size:<15KiB
are valid filters now. - FEATURE: properly sort durations and short numeric values in
sort
pipe. For example,10s
goes in front of1h
, while10KB
goes in front of1GB
. - FEATURE: add an ability to preserve the original non-empty field values when executing
extract
,unpack_json
,unpack_logfmt
andformat
pipes. - FEATURE: add an ability to preserve the original field values if the corresponding unpacked values are empty when executing
extract
,unpack_json
,unpack_logfmt
andformat
pipes.
v0.10.0
Released at 2024-05-24
-
FEATURE: return the number of matching log entries per returned value in HTTP API results. This simplifies detecting field / stream values with the biggest number of logs for the given LogsQL query.
-
FEATURE: improve performance for regexp filter in the following cases:
- If the regexp contains just a phrase without special regular expression chars. For example,
~"foo"
. - If the regexp starts with
.*
or ends with.*
. For example,~".*foo.*"
. - If the regexp contains multiple strings delimited by
|
. For example,~"foo|bar|baz"
. - If the regexp contains multiple words. For example,
~"foo bar baz"
.
- If the regexp contains just a phrase without special regular expression chars. For example,
-
FEATURE: allow disabling automatic unquoting of the matched placeholders in
extract
pipe. See these docs. -
BUGFIX: properly parse
!
in front of exact filter, exact-prefix filter and regexp filter. For example,!~"some regexp"
is properly parsed asnot ="some regexp"
. Previously it was incorrectly parsed as'~="some regexp"'
phrase filter. -
BUGFIX: properly sort results by
_time
field whenlimit
pipe is applied. For example,_time:5m | sort by (_time) desc | limit 10
properly works now.
v0.9.1
Released at 2024-05-22
v0.9.0
Released at 2024-05-22
-
FEATURE: allow using
~"some_regexp"
regexp filter instead ofre("some_regexp")
. -
FEATURE: allow using
="some phrase"
exact filter instead ofexact("some phrase")
. -
FEATURE: allow using
="some prefix"*
exact prefix filter instead ofexact("some prefix"*)
. -
FEATURE: add ability to generate output fields according to the provided format string. See these docs.
-
FEATURE: add ability to extract fields with
extract
pipe only if the given condition is met. See these docs. -
FEATURE: add ability to unpack JSON fields with
unpack_json
pipe only if the given condition is met. See these docs. -
FEATURE: add ability to unpack logfmt fields with
unpack_logfmt
pipe only if the given condition is met. See these docs. -
FEATURE: add
row_min
androw_max
functions forstats
pipe, which allow returning all the log fields for the log entry with the minimum / maximum value at the given field. -
FEATURE: add
/select/logsql/streams
HTTP endpoint for returning streams from results of the given query. See these docs for details. -
FEATURE: add
/select/logsql/stream_field_names
HTTP endpoint for returning stream field names from results of the given query. See these docs for details. -
FEATURE: add
/select/logsql/stream_field_values
HTTP endpoint for returning stream field values for the given label from results of the given query. See these docs for details. -
FEATURE: web UI: change time range limitation from
_time
in the expression tostart
andend
query args. -
BUGFIX: fix
invalid memory address or nil pointer dereference
panic when usingextract
,unpack_json
orunpack_logfmt
pipes. See this issue. -
BUGFIX: web UI: fix an issue where logs with long
_msg
values might not display. See this issue. -
BUGFIX: properly handle time range boundaries with millisecond precision. See this issue.
v0.8.0
Released at 2024-05-20
-
FEATURE: add ability to extract JSON fields from log fields. See these docs.
-
FEATURE: add ability to extract logfmt fields from log fields. See these docs.
-
FEATURE: add ability to extract arbitrary text from log fields into the output fields. See these docs.
-
FEATURE: add ability to put arbitrary queries inside
in()
filter. -
FEATURE: add support for post-filtering of query results with
filter
pipe. -
FEATURE: allow applying individual filters per each stats function. See these docs.
-
FEATURE: allow passing string values to
min
andmax
functions. Previously only numeric values could be passed to them. -
FEATURE: speed up
sort ... limit N
pipe for typical cases. -
FEATURE: allow using more convenient syntax for
range
filters if upper or lower bound isn't needed. For example, it is possible to writeresponse_size:>=10KiB
instead ofresponse_size:range[10KiB, inf)
, ortemperature:<42
instead oftemperature:range(-inf, 42)
. -
FEATURE: add
/select/logsql/hits
HTTP endpoint for returning the number of matching logs per the given time bucket over the selected time range. See these docs for details. -
FEATURE: add
/select/logsql/field_names
HTTP endpoint for returning field names from results of the given query. See these docs for details. -
FEATURE: add
/select/logsql/field_values
HTTP endpoint for returning unique values for the given field obtained from results of the given query. See these docs for details. -
BUGFIX: properly take into account
offset
atsort
pipe when it already haslimit
. For example,_time:5m | sort by (foo) offset 20 limit 10
.
v0.7.0
Released at 2024-05-15
- FEATURE: add support for optional
start
andend
query args to HTTP querying API, which can be used for limiting the time range for LogsQL query. - FEATURE: add ability to return the first
N
results fromsort
pipe. This is useful whenN
biggest orN
smallest values must be returned from large amounts of logs. - FEATURE: add
quantile
andmedian
stats functions.
v0.6.1
Released at 2024-05-14
-
FEATURE: use natural sort order when sorting logs via
sort
pipe. -
BUGFIX: properly return matching logs in streams with small number of entries. Previously they could be skipped. The issue has been introduced in the release v0.6.0.
-
BUGFIX: fix
runtime error: index out of range
panic when usingsort
pipe like_time:1h | sort by (_time)
. See this issue.
v0.6.0
Released at 2024-05-12
-
FEATURE: return all the log fields by default in query results. Previously only
_stream
,_time
and_msg
fields were returned by default. -
FEATURE: add support for returning only the requested log fields. See these docs.
-
FEATURE: add support for calculating various stats over log fields. Grouping by arbitrary set of log fields is supported. See these docs for details.
-
FEATURE: add support for sorting the returned results. See these docs.
-
FEATURE: add support for returning unique results. See these docs.
-
FEATURE: add support for limiting the number of returned results. See these docs.
-
FEATURE: add support for copying and renaming the selected log fields. See these and these docs.
-
FEATURE: allow using
_
inside numbers. For example,score:range[1_000, 5_000_000]
forrange
filter. -
FEATURE: allow numbers in hexadecimal and binary form. For example,
response_size:range[0xff, 0b10001101101]
forrange
filter. -
FEATURE: allow using duration and byte size suffixes in numeric values inside LogsQL queries. See these docs.
-
FEATURE: improve data ingestion performance by up to 50%.
-
FEATURE: optimize performance for LogsQL query, which contains multiple filters for words or phrases delimited with
AND
operator. For example,foo AND bar
query must find log messages withfoo
andbar
words at faster speed. -
BUGFIX: prevent from possible corruption of short log fields during data ingestion.
-
BUGFIX: prevent from additional CPU usage for up to a few seconds after canceling the query.
-
BUGFIX: prevent from returning log entries with emtpy
_stream
field in the form"_stream":""
in search query results. See this issue.
v0.5.2
Released at 2024-04-11
- BUGFIX: properly register new log streams under high data ingestion rate. The issue has been introduced in v0.5.0.
v0.5.1
Released at 2024-04-04
- BUGFIX: properly apply time range filter for queries containing
OR
operators. See this issue. - BUGFIX: do not log debug lines
DEBUG: start trimLines
andDEBUG: end trimLines
. This bug has been introduced in v0.5.0 in this commit.
v0.5.0
Released at 2024-03-01
-
FEATURE: support the ability to limit the number of returned log entries from HTTP querying API by passing
limit
query arg. Previously all the matching log entries were returned until closing the response stream. See this feature request. Thanks to @dmitryk-dk for the pull request. -
BUGFIX: do not panic on incorrect regular expression in stream filter. Thanks to @XLONG96 for the bugfix.
-
BUGFIX: properly determine when the assisted merge is needed. Previously the logs for determining whether the assisted merge is needed was broken. This could lead to too big number of parts under high data ingestion rate. Thanks to @lujiajing1126 for the fix.
-
BUGFIX: properly stop execution of aborted query when the query doesn't contain
_stream
filter. Previously such a query could continue consuming resources after being aborted by the client. Thanks to @z-anshun for the fix.
v0.4.2
Released at 2023-11-15
- BUGFIX: properly locate logs for the requested streams. Previously logs for some streams may be missing in query results. See this issue. Thanks to @XLONG96 for the fix!
- BUGFIX: web UI: properly sort found logs by time. See this issue.
v0.4.1
Released at 2023-10-04
- BUGFIX: fix the free space verification process in VictoriaLogs that was erroneously shifting to read-only mode, despite there being sufficient free space available. See this issue.
v0.4.0
Released at 2023-10-03
-
FEATURE: add
-elasticsearch.version
command-line flag, which can be used for specifying Elasticsearch version returned by VictoriaLogs to Filebeat at elasticsearch bulk API. This helps resolving this issue. -
FEATURE: expose the following metrics at /metrics page:
vl_data_size_bytes{type="storage"}
- on-disk size for data excluding log stream indexes.vl_data_size_bytes{type="indexdb"}
- on-disk size for log stream indexes.
-
FEATURE: add
-insert.maxFieldsPerLine
command-line flag, which can be used for limiting the number of fields per line in logs sent to VictoriaLogs via ingestion protocols. This helps to avoid issues like this. -
FEATURE: expose
vl_http_request_duration_seconds
histogram at the /metrics page. Thanks to @crossoverJie for this pull request. -
FEATURE: add support of
-storage.minFreeDiskSpaceBytes
command-line flag to allow switching to read-only mode when running out of disk space at-storageDataPath
. See this issue. -
BUGFIX: fix possible panic when no data is written to VictoriaLogs for a long time. See this issue. Thanks to @crossoverJie for filing and fixing the issue.
-
BUGFIX: add
/insert/loki/ready
endpoint, which is used by Promtail for healthchecks. This should removeunsupported path requested: /insert/loki/ready
warning logs. See this comment. -
BUGFIX: prevent from panic during background merge when the number of columns in the resulting block exceeds the maximum allowed number of columns per block. See this issue.
v0.3.0
Released at 2023-07-20
- FEATURE: add support for data ingestion via Promtail (aka default log shipper for Grafana Loki). See these and these docs.
v0.2.0
Released at 2023-07-17
- FEATURE: support short form of
_time
filters over the last X minutes/hours/days/etc. For example,_time:5m
is a short form for_time:(now-5m, now]
, which matches logs with timestamps for the last 5 minutes. See these docs for details. - FEATURE: add ability to specify offset for the selected time range. For example,
_time:5m offset 1h
is equivalent to_time:(now-5m-1h, now-1h]
. See these docs for details. - FEATURE: LogsQL: replace
exact_prefix("...")
withexact("..."*)
. This makes it consistent with i() filter, which can accept phrases and prefixes, e.g.i("phrase")
andi("phrase"*)
. See these docs.
v0.1.0
Released at 2023-06-21
Initial release