Logs

Overview

Logs are a type of stream in OpenObserve that record structured event data from applications, systems, or services. Each log entry includes a timestamp, message, and optional metadata fields such as severity, service name, or container details.

You can use the Logs page to:

• View and filter log data by time and fields
• Write and run SQL queries
• Transform logs using VRL functions
• Save views and schedule recurring searches
• Export logs for offline analysis

Who can access

• Enterprise and Cloud editions support Role-Based Access Control (RBAC) to restrict log access per stream and role.
• Open Source edition provides full access to all logs for all users.

Next steps

• Logs in OpenObserve: run your first log search and explore the editor.
• Search Around: inspect events surrounding a specific log entry.
• Quick Mode and Interesting Fields: focus the table on the fields that matter.
• Explain and Analyze Query: understand query plans and performance.

Need some help?

• Join our Community Slack
• Or Contact support