query-logs
Logs Querying Skill
Query and analyze Coralogix logs using the cx logs command with DataPrime syntax.
Understanding Logs in Coralogix
Logs in Coralogix are largely unstructured. Every log entry has a small structured envelope — metadata and labels — but the actual application payload (userData) is free-form and varies entirely by application. There is no universal schema for $d.* fields.
This means:
- Metadata (
$m.*) and labels ($l.*) are predictable — you can always filter on severity, timestamp, application name, and subsystem name without discovery. - User data (
$d.*) is not predictable — field names, nesting, and types depend on whatever the application chose to log. Always verify$dfields before assuming they exist.
CLI Command
cx logs '<dataprime_query>'
More from coralogix/cx-cli
cx-telemetry-querying
|
176cx-alerts
This skill should be used when the user asks to "manage alerts", "create alert", "list alerts", "check alert status", "enable alert", "disable alert", "investigate firing alerts", "check which alerts are active", "find alerting rules", "set up an alert", "configure alerting", "mute an alert", "silence an alert", "see alert definitions", "check alert priority", or wants to manage Coralogix alert definitions using the cx CLI.
159cx-create-dashboard
>
150cx-observability-setup
>
149cx-incident-management
>
147cx-cost-optimization
>
141