v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →

Plugins

turbot/oci

steampipe plugin install ocisteampipe plugin install oci

Table: oci_logging_search - Query OCI Logging Search using SQL

Oracle Cloud Infrastructure's Logging Search is a fully managed, scalable, and highly available service that allows you to centralize, analyze, and monitor your logs. Logging Search provides a user-friendly interface for you to search, filter, and analyze logs from all your resources in one place. It is designed to help you diagnose, troubleshoot, and monitor your applications and infrastructure.

Table Usage Guide

The oci_logging_search table provides insights into the Logging Search within Oracle Cloud Infrastructure (OCI). As a DevOps engineer, explore search-specific details through this table, including log groups, log content, and associated metadata. Utilize it to uncover information about logs, such as those related to specific resources, the content of the logs, and the verification of log groups.

Important Notes

By default, this table will provide data for the last 24hrs. You can pass the timestamp value in the following ways to fetch data in a range.
- timestamp >= ‘2023-03-11T00:00:00Z’ and timestamp <= ‘2023-03-15T00:00:00Z’
- timestamp between ‘2023-03-11T00:00:00Z’ and ‘2023-03-15T00:00:00Z’
- timestamp >= now() - interval '7 days' (The data will be fetched for the last 7 days)
- timestamp > ‘2023-03-15T00:00:00Z’ (The data will be fetched from the provided time to the current time)
- timestamp < ‘2023-03-15T00:00:00Z’ (The data will be fetched from one day before the provided time to the provided time)
We recommend specifying optional quals in the query to optimize the table output. Optional quals are supported for the following columns:
- log_group_name
- log_name
- search_query
- timestamp

Examples

Show log entries of the last 24 hrs

Gain insights into the recent activities within your system by viewing log entries from the past 24 hours. This can help you monitor system performance, identify potential issues, and maintain system health.

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  jsonb_pretty(log_content) as log_content
from
  oci_logging_search;

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  log_content
from
  oci_logging_search;

Show log entries of the last 3 days

Explore the recent activities in your system by analyzing the log entries from the past three days. This can be particularly useful for monitoring system health, detecting anomalies, and troubleshooting issues.

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  jsonb_pretty(log_content) as log_content
from
  oci_logging_search
where
  timestamp >= now() - interval '3 days';

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  log_content
from
  oci_logging_search
where
  timestamp >= datetime('now', '-3 days');

Explore log entries associated with a specific service to gain insights into system activity and performance. This can help identify potential issues or anomalies related to the service, enhancing overall system monitoring and management.

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  jsonb_pretty(log_content) as log_content
from
  oci_logging_search
where
  log_content_type like '%DatabaseService%';

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  log_content
from
  oci_logging_search
where
  log_content_type like '%DatabaseService%';

Show log entries from us-ashburn-1 region

Explore the log entries originating from a specific region to gain insights into system performance and potential issues. This can be useful for troubleshooting or optimizing operations within that region.

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  jsonb_pretty(log_content) as log_content
from
  oci_logging_search
where
  region = 'us-ashburn-1';

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  log_content
from
  oci_logging_search
where
  region = 'us-ashburn-1';

Show log entries from a specific log group

Analyze the entries from a particular log group to gain insights into specific events or issues. This is beneficial in troubleshooting and understanding the operational behavior of your system.

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  jsonb_pretty(log_content) as log_content
from
  oci_logging_search
where
  log_group_name = 'test-bucket';

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  log_content
from
  oci_logging_search
where
  log_group_name = 'test-bucket';

Show log entries from a specific search query

Explore log entries associated with a particular search query. This can help in analyzing patterns, identifying issues, and gaining insights into specific activities within a given timeframe or region.

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  jsonb_pretty(log_content) as log_content
from
  oci_logging_search
where
  search_query = 'search "ocid1.tenancy.oc1..aaaaaaaahnm7gleh5soecx3hoz4p4h2q37cyljaq/test" | sort by datetime desc';

select
  log_content_id,
  log_content_source,
  log_content_type,
  timestamp,
  region,
  compartment_id,
  tenant_id,
  log_content
from
  oci_logging_search
where
  search_query = 'search "ocid1.tenancy.oc1..aaaaaaaahnm7gleh5soecx3hoz4p4h2q37cyljaq/test" | sort by datetime desc';

Schema for oci_logging_search

Name	Type	Operators	Description
_ctx	jsonb		Steampipe context in JSON form.
compartment_id	text		The OCID of the compartment in Tenant in which the resource is located.
log_content	jsonb		Stores the actual content of the log entry in JSON format. It contains the detailed information about the log event, such as log message, metadata, and any additional structured data.
log_content_id	text		The log content id.
log_content_source	text		The log content source.
log_content_type	text		The log content type.
log_group_name	text	=	Specifies the name of the log group to which the log entry belongs.
log_name	text	=	Indicates the name of the log within the log group. It helps to identify the specific log within a log group.
region	text		The OCI region in which the resource is located.
search_query	text	=	Stores the search query associated with the log entry. It represents the criteria used to filter and retrieve specific logs from the log group.
sp_connection_name	text	=, !=, ~~, ~~, !~~, !~~	Steampipe connection name.
sp_ctx	jsonb		Steampipe context in JSON form.
tenant_id	text	=, !=, ~~, ~~, !~~, !~~	The OCID of the Tenant in which the resource is located.
timestamp	timestamp with time zone	>, >=, =, <, <=	Represents the timestamp of a log entry.
title	text		Title of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- oci

You can pass the configuration to the command with the --config argument:

steampipe_export_oci --config '<your_config>' oci_logging_search