Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source, on demand, all with unlimited data collection and retention. Ingest everything. Investigate anything.
Gravwell 5.1 brings some powerful new features that make it even easier to explore your data. You can now click on arbitrary words within search results to immediately add a filter on a given word. We've also integrated our Data Explorer functionality directly into the Query Studio!
One of our most frequent user requests is the ability to refine search results by just clicking on text. That's now possible: just click on any word in text results, and a menu will pop up giving you filtering options:
Choose to either include or exclude the word, and the query string is updated automatically. Just hit enter (or click the 'Re-submit search' icon) to re-run the search with the new filter added and see your new results. You can add filters one after the other to drill down further, mixing include & exclude filters:
Gravwell will happily add filters to your existing query, as long as it's using the text renderer (table and chart aren't supported yet), so feel free to combine clickable word filters with hand-written query logic!
Data Exploration in the Query Studio
Data Exploration refers to Gravwell's ability to automatically parse out raw entries into something more user-friendly, applying structure and providing nice clickable filter options. Up until now, Data Exploration has only been available in the separate Data Explorer page, but with Gravwell 5.1 we've rolled Data Exploration into the regular Query Studio interface!
When you run a search using the text renderer, like tag=gravwell, you'll now see a little data exploration icon on the left side of each entry:
Clicking that icon tells Gravwell to do Data Exploration on that entry. The first time you click the icon on a given tag, you'll have to pick from Gravwell's selection of possible data formats:
Once you've selected a format ("syslog" is appropriate for the gravwell tag), the details pane will open, showing the individual fields extracted from the raw entry:
You can click to filter on any of these fields:
Adding a filter immediately updates the query string; hit enter or click the 'Re-submit search' icon to re-run the search and see your filtered results! And, of course, you can combine clickable word filters and data exploration filters:
Gravwell 5.1 brings the latest in our ongoing effort to make your data more accessible and easier to explore. Now, you can filter your search results by simply clicking around while at the same time learning more about the underlying query language, because your clicks translate directly into a Gravwell query string on the fly!
Written by John Floren
John's been writing Go since before it was cool and developing distributed systems for almost as long.