• Documentation
    • Search documentation
    karat

    +

    K

    API Reference ↗
    AI Platform (AIP)AIP ObservabilityLog search

    Log search [Beta]

    Beta

    Log search is in the beta phase of development. Functionality may change during active development.

    The Search logs tab in Workflow Lineage allows you to search across all service logs produced by a selected source executor over the past seven days. Unlike the per-execution service logs view, log search aggregates logs from every execution originating from a given source executor, making it useful for investigating recurring errors or finding specific log messages across multiple runs.

    A source executor is the first executable resource in the call chain and can be a function, action, automation, AIP logic, or AIP agent.

    Accessing log search

    To access log search:

    1. Open Workflow Lineage and navigate to the workflow containing your resource.
    2. Select an executable resource node.
    3. Select the Search logs tab in the bottom panel.

    Log search in Workflow Lineage.

    Searching logs

    The search bar at the top of the panel accepts text queries. Type a search term and the results will populate the results table. The search is case-sensitive and matches against the full log line, including both the Message and Content fields.

    You can use * as a wildcard character to match any sequence of characters. For example:

    • connection failed matches log lines containing the exact phrase "connection failed"
    • timeout*retry matches log lines containing "timeout" followed by "retry" with any characters in between
    • Error matches "Error" but not "error" or "ERROR"

    Log search results showing matching text highlighted in the Content column.

    The Search logs tab displays logs for executions where the selected resource is the source executor. Logs from executions where the resource was called by another resource are not included. In the example below, the function produced logs during execution but is not the source executor — it was called by an automation. Searching from the function returns no results; to find these logs, search from the automation node instead.

    Log search showing no results because the selected function is a producing resource but not the source executor.

    Resources with multiple source executors

    A resource may be invoked as a source executor in some executions and as a downstream dependency in others. For example, if an action can be triggered directly or by an automation, selecting the action only shows logs where the action is the source executor (for example, triggered on demand from Workshop). To view logs for the entire chain, always search from the outermost node (in this case, the automation).

    Understanding the results table

    Search results are displayed in a table sorted by timestamp, with the most recent logs appearing first. The table includes the following columns:

    ColumnDescription
    Log levelA color-coded icon indicating the severity: red for ERROR and FATAL, orange for WARN, and neutral for INFO, DEBUG, and TRACE
    TimestampThe date and time the log entry was recorded
    MessageThe primary log message. Select the field to open a detail dialog
    ContentAdditional structured content, often in JSON format. Select the field to open a detail dialog
    Producing resourceThe resource that emitted the log entry

    Matching text from your search query is highlighted in the Message and Content columns.

    Viewing log details

    Select any Message or Content cell to open a detail dialog with the full log entry. The dialog provides:

    • Message and Content tabs to switch between the two fields
    • A text search bar to find specific content within the log entry
    • A Wrap lines toggle for easier reading of long log lines
    • Automatic JSON formatting for structured content

    Service log content dialog showing the Content tab with formatted JSON and highlighted search match.

    Log retention and pagination

    Log search covers the most recent seven days of logs. Results are loaded in pages of 100 entries. Scroll to the bottom of the table to load additional results. Logs are not streamed live; to view additional logs produced after the initial search, refresh the page.

    Permissions

    Log search uses the same permission model as execution history. To search logs for a resource, you must have edit permission on the resource. If log access has been enabled for the source executor's project, and you have access to all the necessary markings, you can search logs across all executions. If log access has not been enabled, you can only search logs for your own executions from the past 24 hours, but edit permission on the resource is still required.

    Log search indicating access is limited to own executions from the past 24 hours.

    For full details on log access configuration, see log permissions.

    Related features