Logs
Everything you need to know to start exploring Logs with Last9.
Sending Logs to Last9
You can send a variety of logs to Last9 from different sources:
You can also view the list of integrations in the Last9 app as well under the Logs category on the Integrations screen.
Exploring Logs
There are 3 primary ways of exploring Logs depending on specific use cases.
- Logs Explorer: Use Last9’s native UI for logs with first-class search and filters in the Builder mode or the LogQL-compatible Editor mode for advanced queries. Quickly view related logs, traces, and metrics by clicking on any log line. Learn more.
- Grafana Loki: For people who are familiar with Loki, use Last9’s embedded instance of Grafana. Learn more.
- SQL Exploration: Last9 also allows exploring raw logs data using Clickhouse SQL. This is useful for adhoc exploration of Logs for deeper analysis. Contact Last9 team to provision a custom SQL data source for you.
Alerting on Logs
To create alerts based on log data, use Scheduled Search. Scheduled Search allows you to run periodic LogQL queries and receive notifications when patterns are found or missing.
Common use cases for log-based alerts:
- Alert when error rates exceed a threshold
- Detect missing scheduled jobs (backups, cron tasks)
- Monitor for security events (failed logins, suspicious activity)
- Track application-specific events and patterns
Learn more about Scheduled Search →
Accelerated Queries
Last9 accelerates queries when a query is made on following attributes.
- Service
- Severity
For this reason, users are encouraged to filter by Service or Severity first when searching for long time ranges.
Troubleshooting
Please get in touch with us on Discord or Email if you have any questions.