Skip to content

Release v0.3.0
Compare
Choose a tag to compare
@github-actions github-actions released this 01 Feb 21:43
v0.3.0
82b069b

New features

| where command (#16)

The | where command can be used to filter events by fields which were extracted by steps in the search pipeline that aren't the initial search. Currently that just means | rex but it will probably have more uses in the future.

Here is an example search which uses | where to filter the search to only find events where the "userId" field, which was extracted by | rex, is equal to 123:

userId | rex "userId (?P<userId>\d+)" | where userId=123

Bug fixes

  • #20 Starting a search from the search page now updates the query parameters

Other

  • #21 A benchmarking tool called SUCKHAMMER5000 was added. SUCKHAMMER5000 benchmarks how quickly Logsuck in single mode can read logs from a file and put them into the database. Using this tool I made two performance improvements, the more noticeable one being "True batch" mode added in 82b069b which increases throughput by up to 3x.
Assets 4
Loading