[DOCS] Spellcheck and minor tidying-up/consistency of Logs app content (#43388) (#44604)

* Preliminary changes * More changes * Updating Logs app content. * Few final tweaks after reading through * Review comments, adding a redirect for a removed bookmark, just in case.
2025-04-23 09:19:04 -04:00 · 2019-09-02 14:21:59 +01:00 · 2019-09-02 14:21:59 +01:00 · 47f17c7a64
commit 47f17c7a64
parent 77daf04856
11 changed files with 98 additions and 158 deletions
--- a/docs/infrastructure/images/infrastructure-time-selector.png
+++ b/docs/infrastructure/images/infrastructure-time-selector.png
--- a/docs/infrastructure/infra-ui.asciidoc
+++ b/docs/infrastructure/infra-ui.asciidoc
@ -41,14 +41,15 @@ Examples of grouping options include *Availability Zone*, *Machine Type*, *Proje
 [[infra-search]]
 === Use the power of search

-Use the search bar to perform ad hoc or structured searches using {kibana-ref}/kuery-query.html[Kibana Query Language] which features autocomplete and a simple, easy to use syntax.
+Use the search bar to perform ad hoc searches for specific text.
+You can also create structured searches using {kibana-ref}/kuery-query.html[Kibana Query Language].
 For example, enter `host.hostname : "host1"` to see only the information for `host1`.

 [float]
 [[infra-date]]
 === Specify the time and date

-Click the time selector to choose the timeframe for the metrics.
+Click the time selector image:logs/images/logs-time-selector.png[time selector icon] to choose the timeframe for the metrics.
 The values shown are the values for the last minute at the specified time and date.

 [float]
@ -69,14 +70,14 @@ If your metrics have custom index patterns, or use non-default field settings, y
 Click *Configuration* to change the settings.
 This opens the *Configure source* fly-out dialog.

-NOTE: These settings are shared with logs. Changes you make here may also affect the settings used in the *Logs* tab.
+NOTE: These settings are shared with logs. Changes you make here may also affect the settings used by the *Logs* app.

 In the *Configure source* dialog, you can change the following values:

 * *Name*: the name of the source configuration
 * *Indices*: the index pattern or patterns in the Elasticsearch indices to read metrics data and log data
  from
-* *Fields*: the names of specific fields in the indices that need are used to query and interpret the data correctly
+* *Fields*: the names of specific fields in the indices that are used to query and interpret the data correctly

 TIP: If <<xpack-spaces>> are enabled in your Kibana instance, any configuration changes you make here are specific to the current space.
 You can make different subsets of data available by creating multiple spaces with different data source configurations.
--- a/docs/logs/configuring.asciidoc
+++ b/docs/logs/configuring.asciidoc
@ -3,95 +3,48 @@

 :ecs-link: {ecs-ref}[Elastic Common Schema (ECS)]

-== Configuring the Logs UI
+== Configuring the Logs data

-The `filebeat-*` index pattern is used to query data by default. If your logs
-are located in a different set of indices, use a different timestamp field, or
-contain parsed fields which you want to expose as individual columns, you can
-adjust the source configuration via the user interface or the {kib}
-configuration file.
+The default source configuration for logs is specified in the {kibana-ref}/logs-ui-settings-kb.html[Logs app settings] in the {kibana-ref}/settings.html[Kibana configuration file].
+The default configuration uses the `filebeat-*` index pattern to query the data.
+The default configuration also defines field settings for things like timestamps and container names, and the default columns to show in the logs pane.

-NOTE: Logs and Infrastructure share a common data source definition in
-each space. Changes in one of them can influence the data displayed in the
-other.
+If your logs have custom index patterns, or use non-default field settings, or contain parsed fields which you want to expose as individual columns, you can override the default settings.
+Click *Configuration* to change the settings.
+This opens the *Configure source* fly-out dialog.
+
+NOTE: These settings are shared with metrics. Changes you make here may also affect the settings used by the *Metrics* app.
+
+TIP: If <<xpack-spaces>> are enabled in your Kibana instance, any configuration changes you make here are specific to the current space.
+You can make different subsets of data available by creating multiple spaces with different data source configurations.
+
+TIP: If you don't see the *Configuration* option, you may not have sufficient privileges to change the source configuration.
+For more information see <<xpack-security-authorization>>.

 [float]
-=== Configure source
+=== Indices and fields tab

-*Configure source* can be accessed via
-image:logs/images/logs-configure-source-gear-icon.png[Configure source icon]
-in the toolbar.
+In the *Indices and fields* tab, you can change the following values:

-[role="screenshot"]
-image::logs/images/logs-configure-source.png[Configure Logs UI source button in Kibana]
-
-This opens the source configuration fly-out dialog with multiple tabs, where
-you can inspect and adjust various index settings and log column configuration.
-
-TIP: If <<xpack-spaces>> are enabled in your Kibana instance, any configuration
-changes performed via *Configure source* are specific to that space. You can
-therefore easily make different subsets of the data available by creating
-multiple spaces with different data source configurations.
-
-[float]
-[[logs-read-only-access]]
-==== Read only access
-When you have insufficient privileges to change the source configuration, the
-following indicator in Kibana will be displayed, and the buttons to change the
-source configuration won't be visible. For more information, see
-<<xpack-security-authorization>>.
-
-[role="screenshot"]
-image::logs/images/read-only-badge.png[Example of Logs' read only access indicator in Kibana's header]
-
-[float]
-==== Indices and fields configuration
-
-The *Indices and fields* tab provides access to the following configuration
-items:
-
-* *Name*: The name of the source configuration.
-* *Indices*: The patterns of the Elasticsearch indices to read metrics and logs
-  from.
-* *Fields*: The names of particular fields in the indices that need to be known
-  to the Infrastructure and Logs UIs in order to query and interpret the data
-  correctly.
-
-[role="screenshot"]
-image::logs/images/logs-configure-source-dialog-indices-tab.png[Configure logs UI source indices and fields dialog in Kibana]
+* *Name*: the name of the source configuration
+* *Indices*: the index pattern or patterns in the Elasticsearch indices to read metrics data and log data from
+* *Fields*: the names of specific fields in the indices that are used to query and interpret the data correctly

 [float]
 ==== Log columns configuration

-The *Log columns* tab enables you to change the set of columns that are
-displayed in the Logs UI. By default the following columns are shown:
+In the *Log columns* tab you can change the columns that are displayed in the Logs app.
+By default the following columns are shown:

-* *Timestamp*: The log entry's timestamp as defined in the `timestamp` field.
-* *events.dataset*: The event dataset as indicated by this {ecs-link} field.
-* *Message*: The message extracted from the document. The exact content of that
-  field depends on the type of log message. If no special type is detected, the
-  {ecs-link} field `message` is used.
+* *Timestamp*: The timestamp of the log entry from the `timestamp` field.
+* *Message*: The message extracted from the document.
+The content of this field depends on the type of log message.
+If no special log message type is detected, the {ecs-link} field `message` is used.
+// ++ add a better link. The actual page location is ecs-base

-[role="screenshot"]
-image::logs/images/logs-configure-source-dialog-log-columns-tab.png[Configure logs UI source columns dialog in Kibana]
+To add a new column, click *Add column*.
+In the list of available fields, select the field you want to add.
+You can start typing a field name in the search box to filter the field list by that name.

-To add a new column, click
-image:logs/images/logs-configure-source-dialog-add-column-button.png[Add column]
-above the list. This will cause a popover to be shown in which you can filter a
-list of the available fields and select one for inclusion:
-
-[role="screenshot"]
-image::logs/images/logs-configure-source-dialog-add-column-popover.png[Configure logs UI source add columns popover in Kibana]
-
-To remove a column, click
-image:logs/images/logs-configure-source-dialog-remove-column-button.png[Remove column]
-in the respective entry. The list must contain at least one column to apply the
-changes.
-
-[float]
-=== Configuration file
-
-The settings in the configuration file are used as a fallback when no other
-configuration for that space has been defined. They are located in the
-configuration namespace `xpack.infra.sources.default`. See
-<<logs-ui-settings-kb>> for a complete list of the possible entries.
+To remove an existing column, click the *Remove this column* icon
+image:logs/images/logs-configure-source-dialog-remove-column-button.png[Remove column].
--- a/docs/logs/getting-started.asciidoc
+++ b/docs/logs/getting-started.asciidoc
@ -1,10 +1,11 @@
 [role="xpack"]
 [[xpack-logs-getting-started]]
-== Getting started with the Logs UI
+== Getting started with logs monitoring

-Kibana provides step-by-step instructions to help you add log data. The
-{infra-guide}[Infrastructure Monitoring Guide] is a good source for more
-detailed information and instructions.
+To get started with the Logs app in Kibana, you need to start collecting logs data for your infrastructure.
+
+Kibana provides step-by-step instructions to help you add logs data.
+The {infra-guide}[Infrastructure Monitoring Guide] is a good source for more detailed information and instructions.

 [role="screenshot"]
-image::logs/images/logs-add-data.png[Included data ingestion tutorials in Kibana]
+image::logs/images/logs-add-data.png[Screenshot showing Add logging data in Kibana]
--- a/docs/logs/images/logs-add-data.png
+++ b/docs/logs/images/logs-add-data.png
--- a/docs/logs/images/logs-time-selector.png
+++ b/docs/logs/images/logs-time-selector.png
--- a/docs/logs/images/logs-view-event-with-filter.png
+++ b/docs/logs/images/logs-view-event-with-filter.png
--- a/docs/logs/images/logs-view-event.png
+++ b/docs/logs/images/logs-view-event.png
--- a/docs/logs/index.asciidoc
+++ b/docs/logs/index.asciidoc
@ -4,8 +4,14 @@

 [partintro]
 --
-Use the Logs UI to explore logs for common servers, containers, and services.  
-{kib} provides a compact, console-like display that you can customize.
+The Logs app in Kibana enables you to explore logs for common servers, containers, and services.
+
+The Logs app has a compact, console-like display that you can customize.
+You can filter the logs by various fields, start and stop live streaming, and highlight text of interest.
+
+You can open the Logs app from the *Logs* tab in Kibana.
+You can also open the Logs app directly from a component in the Infrastructure app.
+In this case, you will only see the logs for the selected component.

 * <<xpack-logs-getting-started>>
 * <<xpack-logs-using>>
--- a/docs/logs/using.asciidoc
+++ b/docs/logs/using.asciidoc
@ -1,63 +1,51 @@
 [role="xpack"]
 [[xpack-logs-using]]
-== Using the Logs UI
+== Using the Logs app
+Use the Logs app in {kib} to explore and filter your logs in real time.

-Customize the Logs UI to focus on the data you want to see and control how you see it.
+You can customize the output to focus on the data you want to see and to control how you see it.
+You can also view related application traces or uptime information where available.

 [role="screenshot"]
-image::logs/images/logs-console.png[Log Console in Kibana]
+image::logs/images/logs-console.png[Logs Console in Kibana]
+// ++ Update this

 [float]
 [[logs-search]]
-=== Use the power of Search
-The Search bar is always available. Use it to perform adhoc and structured
-searches by taking advantage of the <<kuery-query>> with autocompletion
-suggestions.
+=== Use the power of search

-[role="screenshot"]
-image::logs/images/logs-usage-query-bar.png[Logs query bar]
+Use the search bar to perform ad hoc searches for specific text.
+You can also create structured queries using {kibana-ref}/kuery-query.html[Kibana Query Language].
+For example, enter `host.hostname : "host1"` to see only the information for `host1`.
+// ++ this isn't quite the same as the corresponding infrastructure description now.

 [float]
 [[logs-configure-source]]
-=== Adapt to your log source
-Using a custom index pattern to store the log entries, want to limit the
-entries presented in a space or change the fields displayed in the columns? Use
-<<xpack-logs-configuring,configure source>> to change the index pattern and
-other settings.
-
-[role="screenshot"]
-image::logs/images/logs-usage-column-headers.png[Logs column headers]
+=== Configure the data to use for your logs
+Are you using a custom index pattern to store the log entries?
+Do you want to limit the entries shown or change the fields displayed in the columns?
+If so, <<xpack-logs-configuring, configure the logs source data>> to change the index pattern and other settings.

 [float]
 [[logs-time]]
-=== Jump to a specific time period
-Use the time selector to focus on a specific timeframe.
+=== Specify the time and date

-[role="screenshot"]
-image::logs/images/logs-usage-time-picker.png[Logs time selector]
-
-To quickly jump to a nearby point in time, click on the timeline to the right.
-
-[role="screenshot"]
-image::logs/images/logs-usage-timeline.png[Logs timeline]
+Click the time selector image:logs/images/logs-time-selector.png[time selector icon] to choose the timeframe for the logs.
+Log entries for the time you specify appear in the middle of the page, with the earlier entries above and the later entries below.

+To quickly jump to a nearby point in time, click the minimap timeline to the right.
+// ++ what's this thing called? It's minimap in the UI. Would timeline be better?

 [float]
 [[logs-customize]]
 === Customize your view
-Use *Customize* to adjust your console view and to set the time scale of the log data.
-
-* *Text size.*  Select `Small`, `Medium`, or `Large`.
-* *Wrap long lines.* Enable or disable line wrap.
-* *Minimap Scale.* Set the scale to 'year', 'month', 'week', 'day', 'hour', or 'minute'.
-
-[role="screenshot"]
-image::logs/images/logs-usage-customize.png[Logs view customization popover]
+Click *Customize* to customize the view.
+Here, you can set the scale to use for the minimap timeline, choose whether to wrap long lines, and choose your preferred text size.

 [float]
 [[logs-stream]]
 === Stream or pause logs
-You can stream data for live log tailing, or pause streaming to focus on historical log data.
+Click *Stream live* to start streaming live log data, or click *Stop streaming* to focus on historical data.

 [role="screenshot"]
 image::logs/images/logs-usage-start-streaming.png[Logs start streaming]
@ -65,48 +53,34 @@ image::logs/images/logs-usage-start-streaming.png[Logs start streaming]
 [role="screenshot"]
 image::logs/images/logs-usage-stop-streaming.png[Logs stop streaming]

-When you are streaming logs, the most recent log appears at the bottom on the console.
+When you are viewing historical data, you can scroll back through the entries as far as there is data available.

-[role="screenshot"]
-image::logs/images/logs-usage-streaming-indicator.png[Logs streaming indicator]
-
-Historical data offers infinite scrolling.
+When you are streaming live data, the most recent log appears at the bottom of the page.
+In live streaming mode, you are not able to choose a different time in the time selector or use the minimap timeline.
+To do either of these things, you need to stop live streaming first.
+// ++ Not sure whether this is correct or not. And what about just scrolling through the display?
+// ++ There may be a bug here, (I managed to get future logs) see https://github.com/elastic/kibana/issues/43361

 [float]
 [[logs-highlight]]
 === Highlight a phrase in the logs stream
-To find instances of a particular word or phrase in the logs stream, click the Highlights button in the toolbar and enter your search terms.
-
-[role="screenshot"]
-image::logs/images/logs-stream-highlight-box.png[Logs highlight dialog box]
-
-This will highlight any instances of your search terms that appear in the logs stream.
-
-[role="screenshot"]
-image::logs/images/logs-stream-highlight-entries.png[Logs stream with the search term 'safepoint' highlighted]
+To highlight a word or phrase in the logs stream, click *Highlights* and enter your search phrase.
+// ++ Is search case sensitive?
+// ++ Can you search for multiple phrases together, if so, what's the separator?
+// ++ What about special characters? For example, I notice that when searching for "Mozilla/4.0" which appears as written in my logs, "Mozilla" is highlighted, as is "4.0" but "/" isn't. The string "-" (which appears in the logs as written, quotes and all, isn't found at all. Any significance?

 [float]
 [[logs-event-inspector]]
 === Inspect a log event
-Click on a log event in the stream to inspect it.
+To inspect a log event, hover over it, then click the *View details* icon image:logs/images/logs-view-event.png[View event icon] beside the event.
+This opens the *Log event document details* fly-out that shows the fields associated with the log event.

-[role="screenshot"]
-image::logs/images/logs-stream-click-entry.png[Highlighted log gentry in the stream]
+To quickly filter the logs stream by one of the field values shown here, click the *View event with filter* icon image:logs/images/logs-view-event-with-filter.png[View event icon] beside the field.
+This automatically adds a search filter to the logs stream to filter the entries by this field and value.

-All of the fields associated to the log event are displayed.
+In the log event details, click *Actions* to see the other actions related to the event.
+Depending on the event and the features you have installed and configured, you may also be able to:

-[role="screenshot"]
-image::logs/images/log-details-flyover.png[Log event document details]
-
-By clicking the icon next to one of the listed values, you can filter the logs stream to display only events corresponding to that particular value.
-
-[role="screenshot"]
-image::logs/images/log-details-filter.png[Filtering from the log event details]
-
-[role="screenshot"]
-image::logs/images/logs-stream-filtered-by-value.png[Log console after filtering by a value in the details]
-
-You can use the Actions menu to view any monitor or APM trace that the log event may be associated with.
-
-[role="screenshot"]
-image::logs/images/log-details-actions.png[Log event document details with actions menu open]
+* Select *View monitor status* to <<uptime-overview, view related uptime information>> in the *Uptime* app.
+// ++ Is "monitor" the best choice of word here?
+* Select *View in APM* to <<traces, view related APM traces>> in the *APM* app.
--- a/docs/redirects.asciidoc
+++ b/docs/redirects.asciidoc
@ -30,3 +30,8 @@ This page has moved. Please see the new section in the {uptime-guide}/uptime-sec

 This page has moved. Please see <<infra-configure-source>>.

+[role="exclude",id="logs-read-only-access"]
+== Configure source read-only access
+
+This page has moved. Please see <<xpack-logs-configuring>>.
+