While analyzing logs, we sometimes need to look for logs just before or after a certain line.
I can't seem to find a way to search for anything without filtering out everything else.
For example I'm looking for an entry with timestamp=12:34:55, but I don't want to exactly find that, I want to look at the log entries around that one to get some context.
another example is that a customer says that they are getting weird values in logs whenever the line
Select xyz mode to write file.txt
So I need to go to every-time this occurs in the logs and look at the logs near this one.
Is there a way to do this in kibana?
In every log entry in kibana, when expanded, you can click on the view surrounding documents button, which shows you 5 log entries above and below the current one, and an option to increase the documents shown on wither side.