Configure log display options

Grafana can automatically detect and display log levels (error, warning, info, debug) with color coding when you configure the correct field names. Setting the message and level fields helps Grafana parse your Elasticsearch logs correctly for better visualization.

In this milestone, you’ll configure the log display options in your Elasticsearch data source settings.

To configure log display options for your Elasticsearch data source, complete the following steps:

  1. In the left navigation menu, click Connections > Data sources.

  2. Select your Elasticsearch data source from the list.

  3. Scroll down to the Logs section.

  4. In the Message field name field, enter the field that contains your log message.

    For example, enter message or log depending on your Elasticsearch index mapping.

  5. In the Level field name field, enter the field that contains log severity.

    For example, enter level, severity, or fields.level.

  6. Click Save & test to apply your changes.

  7. Return to Explore and run your query again to see the updated log display.

Log entries now display with color-coded log levels (red for errors, yellow for warnings, green for info) and the message content is clearly visible.
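If you are unsure which names to enter in steps 4 and 5, the index mapping shows them. The following added example (not part of the original page or of Grafana's own code) walks a constructed `GET <index>/_mapping` response and lists the dotted field paths whose leaf name matches the examples in the steps above; the index name, the sample mapping, and the function names are assumptions.

```python
import json

# Constructed sample of a GET <index>/_mapping response (not from a real cluster).
SAMPLE_MAPPING = json.loads("""
{
  "app-logs-2024.05.01": {
    "mappings": {
      "properties": {
        "@timestamp": {"type": "date"},
        "message": {"type": "text"},
        "fields": {
          "properties": {
            "level": {"type": "keyword"},
            "service": {"type": "keyword"}
          }
        },
        "host": {"properties": {"name": {"type": "keyword"}}}
      }
    }
  }
}
""")

# Leaf names taken from the examples given in steps 4 and 5.
MESSAGE_NAMES = {"message", "log"}
LEVEL_NAMES = {"level", "severity"}

def flatten(properties, prefix=""):
    """Yield (dotted_path, type) for every leaf field in a mapping."""
    for name, spec in properties.items():
        path = f"{prefix}{name}"
        if "properties" in spec:  # object field: recurse into its children
            yield from flatten(spec["properties"], path + ".")
        else:
            yield path, spec.get("type", "object")

def candidate_fields(mapping_response):
    """Return, per index, dotted paths to try as Message / Level field names."""
    result = {}
    for index, body in mapping_response.items():
        leaves = dict(flatten(body["mappings"].get("properties", {})))
        result[index] = {
            "message": sorted(p for p in leaves if p.split(".")[-1] in MESSAGE_NAMES),
            "level": sorted(p for p in leaves if p.split(".")[-1] in LEVEL_NAMES),
        }
    return result

if __name__ == "__main__":
    for index, fields in candidate_fields(SAMPLE_MAPPING).items():
        print(index, fields)
```

A nested level field is reported with its full path (here `fields.level`), which is the form to enter in the Level field name field.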

In the next milestone, you’ll filter logs by time range to focus on a specific investigation window.


More to explore (optional)

At this point in your journey, you can explore the following paths:

Configure the Elasticsearch data source

