Querying Loki Logs

There are a few ways to query loki logs:

Grafana (Most Preferred)
LogCli
Loki HTTP APIs

info

We will be using Grafana to query, visualize and create alerts. Once you udnerstand the query language, it's quite straight forward to use other approaches, if you need them.

1. Query Optimization Tips

Text:

Queries are evaluated from left to right, so start by eliminating broad results and progressively narrowing down.
Specify a time range to reduce the number of index files Loki has to search.
Use specific labels (e.g., app_name) before other filters to target smaller subsets of data.

Mermaid Diagram: Query Flow Optimization

2. Use Efficient Filters

Text:

Prefer line filters (|= or !=) for basic matching.
Avoid regular expressions (|~ or !~) as they are slower.
Regular expressions should only be used when simple filters cannot achieve the desired result.

3. Minimize Complex Parsing

Text:

Use parser expressions (e.g., JSON, logfmt) only after applying line filters to reduce the number of logs processed.
Parsing is computationally intensive, so apply it only when necessary.

Filter Stacking Order

4. Advanced Optimization

Text:

Use recording rules for complex queries or large datasets.
Recording rules run queries at scheduled times, precompute results, and store them for faster future retrieval.

Recording Rule Workflow

1. Query Optimization Tips​

2. Use Efficient Filters​

3. Minimize Complex Parsing​

4. Advanced Optimization​

1. Query Optimization Tips

2. Use Efficient Filters

3. Minimize Complex Parsing

4. Advanced Optimization