Quick Start Guide: Unified Search
The Unified Search feature provides users with a complete resource for the investigation of current and historical BigPanda incidents across all integrated data sources.
In the Search tab, you can
- Search BigPanda incidents for specific comments, sharing info and/or current and historical data by timeframe, keyword/phrase and/or tag value.
- Filter and sort search results.
- Share search results with colleagues.
To search for specific tag values, use BigPanda Query Language (BPQL). The results page shows the first 10 matching incidents and includes both active and inactive incidents.
Examples of Keyword Search Queries
- Use an asterisk to match multiple values with a common element, ie:
phx*db - Add Quotes (" or ') around an exact phrase that contains spaces (spaces are allowed only between quotes), ie:
"CPU over 90*" - Add a slash (/) as the first and last character to search for values that match a regular expression (case sensitive and limited to 32,000 characters), ie:
/...Phx[0-9]{3}/
BPQL queries are in <tag> <operator> <value> format, using AND, OR and parenthesis to separate and/or prioritize multiple queries. For example:
host=srv-1 AND (check=chk-1 OR (check=chk-2 AND status=critical))
Search results include a timeline with the incident's current status, the timeline of status changes for each alert, the incident's start and end time and the search timeframe (highlighted in blue).
Search Results
Click a dot to reveal the alert's details at that specific point in the timeline.
Alert Details
The actions displayed in the top right corner of the searched incident timelines allow you to view the incident in the Incidents tab, add/view comments, view incident shares and snooze the incident. You can also see when the incident was last changed.
Incident Actions
Filter search results by timeframe, date range, environment, source, and comment(s).
Sort results by either the incident's most recent change, current status, the time it was created or the number of active alerts present.
Sharing Search Results
To share your search, you just copy the URL of the results and send it to your recipient. To save the search, bookmark it in your browser.
Updated almost 2 years ago