Return +/- 2 minutes logs around an error found within a collection.

Follow

Iain Clarke

• June 16, 2020 15:57

I have several queries setup to search for specific issues and then I have to create manual searches around the exact time of the reported exception to investigate what happened within the platform before and after the exception occurred.

I've been reading the documentation/community to see if there are any examples where you can create a single query to find an exception and report back the logs 2 minutes before and after the issue.

 

Has anyone done this?

0

• 

  Harinder Bhandari

  • June 20, 2020 22:54

  Sumo Logic has a feature called Surrounding messages that allow you to investigate events surrounding a message from the context of the Host, file name, or category identified enabling you to view the activity for the defined time period. 

  https://help.sumologic.com/05Search/Get-Started-with-Search/Search-Basics/Search-Surrounding-Messages

  0

  Comment actions Permalink

Please sign in to leave a comment.