Logs

Any time you send a request to an Evervault resource, a log of the request and response will be created inside of your app. You can use the Logs view in the Evervault Dashboard to view and filter these log events.

EQL

Logs can be queried using the Evervault Query Language (EQL), which allows you to filter logs based on their attributes.

1// e.g., EQL query to find all logs with a relay category and response
2// status code of 400 or higher
3category="relay" AND response.status>=400

Operators

The following operators are supported in EQL queries, but not every operator is available for every field. See the searchable fields section below for details.

Operator	Meaning	Example
`=`	Exact match	`request.method="POST"`
`!=`	Not equal	`function.status!="success"`
`>`	Greater than	`response.status>399`
`<`	Less than	`response.status<500`
`>=`	Greater than or equal to	`response.status>=400`
`<=`	Less than or equal to	`response.status<=299`
`:`	Contains	`url.path:"/checkout"`

Compound queries

You can combine filters with AND when all conditions must match, OR when any condition can match, and parentheses to group conditions.

1// AND: all conditions must match
2category="relay" AND response.status>=400
3
4// OR: any condition can match
5request.method="POST" OR request.method="PUT"
6
7// Grouped: control evaluation order
8(category="function" AND function.status="failure") OR response.status>=500

Searchable fields

Field	Operators
`log.id` The unique identifier of the log.	`=`, `!=`
`resource.id` The ID of the Evervault resource.	`=`, `!=`
`category` The event category.	`=`, `!=`
`request.method` The request method used in the HTTP request.	`=`, `!=`
`response.content_type` The content type of the response.	`=`, `!=`
`request.headers` The headers sent in the HTTP request.	`=`, `:`, `!=`
`request.body` The body of the HTTP request.	`=`, `:`, `!=`
`response.status` The status code of the HTTP response.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`response.headers` The headers sent in the HTTP response.	`=`, `:`, `!=`
`response.body` The body of the HTTP response.	`=`, `:`, `!=`
`request.content_type` The content type of the request.	`=`, `!=`
`url.full` The full URL requested.	`=`, `:`, `!=`
`url.domain` The domain part of the URL.	`=`, `!=`
`url.path` The path part of the URL.	`=`, `:`, `!=`
`url.query` The query string part of the URL.	`=`, `!=`
`url.port` The port part of the URL.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`function.id` The unique identifier of the function.	`=`, `!=`
`function.run_id` The unique identifier of the function run.	`=`, `!=`
`function.name` The name of the function.	`=`, `!=`
`function.log` The log output of the function.	`=`, `:`, `!=`
`function.status` The status of the function.	`=`, `!=`
`function.initialisation.duration` The duration of the function initialisation.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`function.duration` The duration of the function.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`crypto.fields.encryptCount` The number of fields encrypted.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`crypto.fields.decryptCount` The number of fields decrypted.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`crypto.files.encryptCount` The number of files encrypted.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`crypto.files.decryptCount` The number of files decrypted.	`=`, `!=`, `>`, `<`, `>=`, `<=`
`network_token.id` The unique identifier of the network token.	`=`, `!=`
`3ds.id` The unique identifier of the 3D Secure session.	`=`, `!=`
`3ds.status` The status of a 3D Secure session.	`=`, `!=`
`3ds.authentication_flow` The authentication flow used in the 3D Secure session.	`=`, `!=`
`3ds.card.last_four` The last four digits of a card number.	`=`, `!=`
`3ds.card.funding` The card funding type.	`=`, `!=`
`3ds.card.issuer` The issuer of the card.	`=`, `!=`
`3ds.card.country` The country the card is issued in.	`=`, `!=`
`3ds.card.currency` The currency of the card.	`=`, `!=`
`3ds.card.segment` The card segment.	`=`, `!=`
`3ds.payment_type` The type of payment.	`=`, `!=`
`3ds.card.brand` The brand of the card.	`=`, `!=`
`3ds.initiator` The initiator of the 3D Secure session.	`=`, `!=`
`3ds.version` The version of the 3D Secure protocol used.	`=`, `!=`