Log Analysis

Press Enter on the Log Counts panel in the main view to access the comprehensive analysis modal. The modal uses the same receive time architecture as the main dashboard, ensuring consistent and reliable visualization regardless of log timestamp accuracy or clock skew issues.

Time-Series Heatmap Analysis

Understanding the Heatmap

The time-series heatmap is one of Gonzo's most powerful visual analysis tools:

Time Axis (Horizontal):

Shows last 60 minutes in 1-minute buckets
Reading: 60 = 60 minutes ago, 0 = current minute
Updates in real-time as new logs arrive

Severity Axis (Vertical):

Each row represents a different log severity level
Separate tracking for ERROR, WARN, INFO, DEBUG, etc.
Independent scaling per severity level

Intensity Indicators:

░ = Low activity (1-25% of max for this severity)
▒ = Medium activity (25-50% of max)
▓ = High activity (50-75% of max)  
█ = Very high activity (75-100% of max)

Reading Heatmap Patterns

Identifying When Problems Started:

Time: 60  50  40  30  20  10  0
ERROR ░░░░░░░░████████████░░░░░░
WARN  ░░░░░░████████████████░░░░

Analysis:

Problem started around 40 minutes ago
Peak error activity 30-20 minutes ago
Warnings preceded errors (early warning signs)
System appears to be recovering now

Use Case: Incident timeline reconstruction

Daily Performance Cycles:

Time: 60  50  40  30  20  10  0
ERROR ░░░░░░░░░░░░░░░░░░░░░░░░░░
WARN  ░░░░████░░░░████░░░░████░░
INFO  ████░░░░████░░░░████░░░░░░

Analysis:

Regular 20-minute cycles in warnings
High info activity alternating with warnings
Suggests scheduled job or batch processing
No critical errors, normal operational pattern

Use Case: Capacity planning and optimization

System Failure Propagation:

Time: 60  50  40  30  20  10  0
ERROR ░░░░░░░░░░█░░██████████████
WARN  ░░░░░░░░█████████████████░
INFO  ░░░░░░████████████░░░░░░░░

Analysis:

Single error triggered cascade
Warnings spread quickly after initial error
Info logs dropped off (services became unresponsive)
Classic cascade failure pattern

Use Case: System resilience analysis

Heatmap Best Practices

🔍 Investigation Techniques:

Start wide, zoom in - Look for obvious patterns first
Compare severity levels - How do different levels correlate?
Identify inflection points - When did patterns change?
Look for cycles - Are there recurring patterns?

⚡ Quick Analysis:

# Quick heatmap analysis workflow:
1. Press Enter on Counts panel
2. Scan heatmap for obvious spikes or patterns
3. Note correlation between severity levels
4. Identify time ranges for deeper investigation
5. Use time information to filter main log view

Log Statistics Window

Select i from the main window to access the Log Statistics view. This window provides a general overview of all your logs including top services, severity distribution, most common patterns, and top attributes.

Log Detail View

Selecting ENTER on the Log Viewer in the main Gonzo TUI will drill down into the Log Detail View. From this modal you can look at attribute details, time and severity information, and select i to get further AI analysis from whatever AI model you've configured. On the right panel you can chat directly with your selected AI model in context to the selected log you are viewing. Nothing is shared with AI unless you explicitly connect to a model of your choice.

PreviousBasic Usage NextAdvanced Features

Last updated 4 days ago

Detailed Analysis Modal

Time-Series Heatmap Analysis

Understanding the Heatmap

Reading Heatmap Patterns

Heatmap Best Practices

Log Statistics Window

Log Detail View