Explore documentation
  1. Welcome to AI SRE 👋
  2. AI SRE vs MCP server
  3. Writing code
    1. Creating pull requests for errors
    2. Bulk resolving errors
  4. Analyzing data
    1. Analyzing incidents
    2. Analyzing logs
    3. Checking for outliers
  5. Managing data
    1. Creating dashboards
    2. Importing Datadog dashboards
    3. Importing Grafana dashboards
  6. Integrations
    1. Linear
    2. Sentry
    3. Datadog
    4. Grafana
    5. GitHub
    6. Notion

Analyzing logs

AI SRE can analyze logs using two primary methods: pattern discovery and direct queries. You can start by opening a new chat.

Starting logs analyis

Pattern discovery

Use pattern discovery to get a high-level overview of the types of logs a source is generating. Ask AI SRE to "analyze log patterns for the API service from the last 6 hours."

This is useful for understanding what kind of data is available before you start writing specific queries. AI SRE will return the most frequent log patterns it finds, including counts and sample messages for each pattern.

You can filter pattern discovery by:

  • Log level (e.g., error, warn)
  • Service (e.g., redis, mongodb)
  • Time range (relative or absolute)
  • Number of patterns to return (default is 20, max is 100)

Errors by service

Pattern discovery limitations

Pattern discovery works only on logs sources, not metrics or traces.

Charting data

You can ask for inline charts to quickly visualize the data, and even add the charts to your dashboards.

Charting data in AI SRE

Direct queries

For more specific investigations, you can ask AI SRE to run a direct SQL query against your logs, metrics, or traces. You don't need to write the SQL yourself; the agent generates it from your natural-language prompt. For example: "@telemetry.example.com average response time over the last day broken down by status code".

The results can be displayed in three different modes:

  • Sample (default): Shows 30 representative rows and a total count. This is good for getting a quick look at the data.
  • Summary: Provides the same sample data plus an AI-generated summary of key insights, such as error rate changes or performance spikes. This is the best way to spot anomalies in large result sets.
  • Raw: Returns the full query results (up to 1000 rows). Use this when you need AI SRE to perform its own analysis on the complete dataset.

Query results are displayed in a scrollable, sortable table directly in the chat.

Large result sets

For very large result sets, AI SRE may use the Summary mode internally to stay within its context window. If you need the full output, ask it to dump the rows to a CSV or table view.

Previous article

Analyzing incidents

Next article

Checking for outliers