Skip to main content

Configure Optimizers

Configure optimizers to store logs and aggregations to a timeless account for extended retention, retaining critical data for long-term visibility.

note

You need a timeless account to configure optimizers. Learn more about timeless accounts. A log can take up to 2 hours to appear in your timeless account.

Open OpenSearch Dashboards and run your query of choice.

Review the results in the histogram and the document table, and make sure your query returns the expected results.

OSD query bar

Create an optimizer

Click Create optimizer (above the query bar) to open the Create an optimizer page.

Configure an Optimizer

Name the optimizer

Type a Name and a detailed Description.

If you need to, change your optimizer Query and the Accounts that the query searches.

caution

If you use an invalid query, the optimizer will automatically be disabled.

Run your query in OpenSearch Dashboards to ensure you're getting the expected results. The filter tags displayed in the optimizer Query section indicate which filters you used for the query in Discover. To update the filters, you'll need to add them to your search in Discover.

To store aggregate results, group your search fields.

Group optimizer fields

Click Group by to add up to 3 groups.

In the Choose fields list, choose a field to group by.

To limit the available fields, choose a log type from the Filter by type list. To show fields for all log types, choose Clear filter.

Set optimizers' trigger

In the Trigger section, choose how often this optimizer should run.

Choose the relevant timeless account

In the Action section, choose a timeless account to send to.

Choose the optimizer's output format

Choose an Output.

To send the raw JSON documents to your timeless account, choose Full log.

To send a summary table, choose Aggregations.

note

If you added any groups, the aggregations table will show the aggregated fields you used. To change these fields, you'll need to change your Group by selection.

If you choose Aggregations, click + to add a column to the table, and then select a field to show in the new column.

Optimizer aggregation

Click Save to save your optimizer. Logz.io will start sending your logs to the configured timeless account.