How to understand Real-Time Events logs
Your analysis using Real-Time Events depends on the variables you choose to use. Each data source has a set of preorganized variables that provide information on access, behavior, and performance of your edge applications and related products.
You can find all available variables, their descriptions, and examples in the data source reference.
You have the option of querying a general search and receive all possible variables and values or querying a filtered search, so you can decide which variables will be queried.
Go to add filters guideQuerying a general search
You can query a general search and receive all of the variables and their possible available values for the data source you’re analyzing. This could be the ideal choice if you want to analyze as much information as possible or if you’re still not exactly sure what you need to investigate.
For example, if you notice your application isn’t properly exhibiting what you configured on an edge function, you can query the Edge Functions data source and analyze all variables to check if the right function is being called and what type of message it returned when it was called.
Querying a filtered search
You can query a filtered search to receive specific variables and values according to what you’re analyzing. This could be the ideal choice if you already know what type of information you’re going to analyze.
For example, if you suspect there may be malicious users trying to access your edge application, you can query the Edge Applications data source and analyze variables such as $city
, $host
, $http_referrer
, $remote_addr
, $request_uri
, and so on.