Welcome to InsightFinder Docs!

Log/Trace Analysis

Overview

Log/Trace Analysis is a powerful visual log management workspace. Powered by built-in machine learning algorithms, the system automatically ingests raw logs, extracts their feature patterns, and intelligently categorizes them into Anomalous logs and Total logs (normal logs). By offering macro-trend monitoring and micro-trace troubleshooting, this feature helps IT operators, SREs, and development engineers quickly locate faults, identify recurring patterns, and significantly reduce log analysis noise and data storage costs.

Primary Use Cases

• Anomaly Detection & Troubleshooting
• Quickly isolate suspicious events (e.g., keyword alerts, new patterns, rare events) from massive volumes of logs through a dedicated anomaly view, and drill down to inspect the error context.
• Log Reduction & Pattern Recognition
• Automatically cluster redundant log texts into unified “Patterns,” drastically reducing the time spent manually reviewing logs line-by-line.
• Cost Optimization
• Monitor the comparison between the original log size and the compressed size to evaluate the system’s reduction ratio and storage cost savings in real-time.

Getting Started

1. Log into your InsightFinder AI platform.
2. In the left main navigation bar, click on Log/Trace Analysisto enter the workspace.
3. In the top filter bar, select your target System, Project, and Date range, then click Refresh to check the analysis report.

1. Global Metrics & Analysis Perspectives

This section provides a macro-level summary of your log data and two core analytical perspectives:

• Key Metrics Area:
  • Total logs / patterns: The total number of logs and the total number of extracted unique log patterns within the selected timeframe.
  • Incidents: The total number of associated severe incidents.
  • Decrease ratio: Displays the noise reduction percentage achieved through pattern compression (e.g., 88.7%), reflecting storage optimization.
• Analysis Perspectives:
  • Anomalous logs: Focuses exclusively on events the system determines to be anomalous, filtering out normal operational noise.
  • Total logs: Displays the complete data stream, including normal data, making it easier to review the full context.

2. Macro Trend Monitoring (Monthly View)

Through the trend charts, you can quickly gain insights into the system’s health status over time:

• Trend Distribution: The chart displays fluctuations in log throughput by month or day.
• Anomaly Coloring Logic:
  • Under the Anomalous logsperspective, the bar chart uses different colors based on the anomaly type (e.g., New Patterns, Rare Events), making abnormal peaks easy to spot.
  • Under the Total logsperspective, the bar chart displays overall traffic in a single solid color.
• Interactive Drill-down: Click directly on any bar in the chart, and the system will automatically jump and display the Daily Viewdetails for that specific date.

3. Micro Detailed Analysis (Daily & Minute View)

Once you have navigated to a specific date, you can use the detailed list for in-depth troubleshooting:

• Log Records List:
  • Provides the Time, Instance, Pattern ID, and a short description summarizing the log.
  • Type Markers: Quickly distinguish log statuses using color-coded letter badges (e.g., a gray Nrepresents Normal, a yellow K represents Keyword Alerts).
• Sidebar Filters: Allows for precise filtering by components, pattern names, or specific anomaly types.
• Anomaly Type Descriptions:
  • I (Incident): Severe system incidents.
  • N (New): New log patterns identified by the system for the first time.
  • R (Rare): Highly infrequent anomalous events.
  • H (Hot): Anomalies’ count frequency is higher than usual.
  • C (Cold):Anomalies’ count frequency is lower than usual.
  • K (Keyword Alerts): Logs that trigger pre-configured warning keywords.