• Spaces
  • Collections
  • Help
    • ×
     
     
    •  
    BMC TrueSight IT Data Analytics 2.5

    Page tree

    To perform a search, on the Search tab, you must specify a search criteria and then click Search  to see results matching those criteria. Alternatively, you can press Enter to run your search. When you start typing your search string, the search bar offers type-ahead search suggestions based on a history of your search queries. These suggestions are a predicted list that might match the last few words of the search string that you want to type.

    The following video (4:33) illustrates tips that you can use to search easily.  http://yt.vu/pq2K8_hj0rc

    This topic contains the following information:

    Related topics

    Tip 1: Search for substrings

    Use the asterisk (*) as a wildcard character for any unknown terms in your search string. For more information, see Searching the data.

    Tip 2: Focus on the time range

    After specifying a search string, select a time range in which the data you are looking for is likely to occur. If you do not select an appropriate time range, then it is likely that you do not see any results, as that data might have occurred in the past. For more information about searching with a time context, see Searching the data.

    Another reason why you might not be able to search for past data can be due to the data retention period set. For more information about data retention and deletion, see Managing data collectors.

    Tip 3: Choose search terms carefully

    While specifying a search criteria in the search box, choose terms that are likely to appear in the data that you are searching. For example, instead of searching for failure, search for error 401.

    Depending on how you specify your search criteria, particular search results are highlighted. For more information, see Examples of search string results.

    Tip 4: Start simple

    When you start searching, start simple and then add more details. For example, start with error 500.

    You can add more details later. This means you can use various operators such as && (and), || (or) and then add more words in your search string. For example, if you are trying to find error 500 in the data occurring from a particular host, then you can specify the search string, error 500 && HOST=Houston.

    Note that if you do not specify the && operator between two words that are separated by space, then the product automatically interprets the || operator between those words. In the preceding example, if you had not specified the && operator, then the string would be interpreted as error 500 || HOST=Houston.

    For more information, see Search string syntax.

    Tip 5: Use filters when possible

    You can filter data and narrow down your search results in various ways. Filtering can help you get more accurate results.

    Fields and tags can be added in various ways – by using the Search Tools on the landing page, by using the Filters panel (on the left) of the Search page, and from the search results area.

    You can also filter results by changing the time context for which the search results are displayed. For example, if you want to see the data trend for the last 24 hours, you can select Last 24 hours from the time range list on the Search tab.

    For more information, see Filtering your search results.

    Tip 6: Search for exact phrases

    If you want to find results containing the exact string that you are searching for, then enclose the string in double quotes. For example, suppose you want to find the exact phrase, connection timed out, search for "connection timed out".

    For more information, see Search string syntax.

    Tip 7: Don't worry about the capitalization

    A search for the word, Response Size in the raw data is the same as response size. While searching for plain text appearing in the raw data, you need not be careful about the correct capitalization.

    However, the following kinds of searches are case sensitive:

    • Searching for field name=value pairs.
    • Searching for tag name=value pairs.
    • Searching with certain search command operators while specifying a search command as your search term.
      For example, the by operator while specifying the rare command or while specifying the as operator while specifying the stats command.

    For more information, see Search string syntax.

    © Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.