Logs
KubeSense provides centralized log management with powerful search, filtering, and pipeline capabilities for all logs across your infrastructure. Ingest logs from Kubernetes workloads, virtual machines, and bare-metal servers through OpenTelemetry and direct collection — then search, analyze, and transform them in real time.
Log Explorer
The Log Explorer is the primary interface for searching, filtering, and analyzing your logs.
| Section | Description |
|---|---|
| Log Table & Views | Browse logs in table view with single-line, wrap-lines, and raw view modes. Visualize log volume with the trend graph. |
| Filters & Interesting Fields | Narrow down logs using faceted filters (type, source, format, workload, namespace, node) and auto-extracted field patterns. |
| Search & Querying | Basic tag-based search, advanced SQL-like queries, and SPL for complex analytics. |
| Log Detail View | Deep-dive into individual logs with attributes, related logs, correlated traces, and infrastructure metrics. |
| Saved Views | Save and share search configurations across your team. |
| Explorer View | Build aggregations, charts, and dashboards from log data. |
Log Pipelines
Log Pipelines allow you to transform, enrich, filter, and process logs before they are indexed.
| Rule Type | Description |
|---|---|
| Parse | Parse unstructured logs into structured JSON using named regex groups. |
| Extract | Extract specific values from logs as JSON keys using regex. |
| JSON Extract | Promote nested JSON fields to top-level metadata fields. |
| Replace | Redact sensitive data, fix log structure, or modify field values. |
| Block | Drop noisy or unwanted logs using regex-based filtering. |
| Timestamp Extract | Use the application's own timestamp instead of ingestion time. |
| Remove Fields | Remove unnecessary fields before indexing to reduce storage. |
| Add Field | Enrich logs with new fields (e.g., team, environment). |
| Creating Pipelines | Step-by-step guide to creating and managing pipeline rule groups. |
Search Processing Language (SPL)
The SPL Reference Guide is a comprehensive reference for KubeSense's built-in pipeline query language. SPL enables advanced log analytics including aggregations, field extraction, time-series analysis, deduplication, and more — all from within the Log Explorer search bar.