How do you handle traces (grouping logs for one request)

Hello everyone,

I’m wondering how you all handle traces with Graylog Open. Whether you’re integrating them from OpenTelemetry or manually inserting a trace id for a given request, I’m betting many of you have a way of grouping all logs that originate from the same request.

Right now I have a trace_id field in all of my logs that’s generated by my reverse proxy and then passed to all other processes (WAF, webserver etc.).

What I find myself doing all the time is:

  • Search for a specific log with a Graylog query
  • Find the log I want
  • Click the trace_id field to open the menu
  • Click “add to query”
  • Go in the query field at the top and remove all other criteria except for the trace_id that was just added (including the time range if necessary, which is another panel to open)
  • Run the query again

And then I have my trace.

It works, but really I can’t help but think there MUST be a better way to do this. So what’s your way of doing this?

PS: It seems that Graylog Enterprise has a trace feature that may or may not help, but I’m really only interested in solutions using Graylog Open.