Search Basics

Sumo Logic search syntax uses logical and familiar operators allowing you to create ad hoc queries quickly and efficiently.

Guide contents

In this section, we'll introduce the following concepts:

📄️ About Search Basics

Sumo Logic search syntax is based on a funnel or "pipeline" concept and it uses logical and familiar operators letting you to create ad hoc queries quickly.

📄️ Built-in Metadata

Metadata tags are attached to your log messages at ingest, which is very useful when you're searching log data.

📄️ Chart Search Results

In the Aggregates tab, in addition to the standard table view, you can view search results as a chart, such as a bar or column chart.

📄️ Comments in Search Queries

You can add comments to a search query, or even comment out lines of your search query using comment formatting.

📄️ Pause or Cancel a Search

When a search is in progress, the options to Cancel or Pause the search appear.

📄️ Quick Search for Collectors and Sources

You can quickly start a search for a Collector, Source, or Source Category from the Manage Collection page.

📄️ Reference a Field with Special Characters

Solution to reference a field name that contains a special character.

📄️ Save a Search

Whether you are running ad hoc searches during a forensic investigation or running standard searches for health checks, you can save any search to run later.

📄️ Search Autocomplete

On the Search page, as you begin typing to enter a query in the search text box, the search autocomplete drop-down dialog opens to offer suggestions to make query writing easier.