Welcome to the Seq documentation hub. You'll find comprehensive guides and documentation to help you start working with Seq as quickly as possible, as well as support if you get stuck. Let's jump right in!
Hello, I'm trying out the trial version of Seq, and liking what I'm seeing so far. But I have a concern regarding long-term storage of log data. My concern is that, for now at least, management has decided not to purge logs for our mobile app. To this point log volume has not been astronomical, (10M in 2.5 years) but I expect the logging to become more verbose as I'm working on improving logging. I expect we'll tune the logging retention policy, but would still expect a large amount of events to be retained forever. I would expect this to look more like 250K events per day by the time I'm done. How does Seq handle long term storage. I know from the performance documentation page that the cache is kept in RAM and then moved to disk. If we have 250GB of data spanning 5 years, will Seq still allow us to effectively query that data? An example would be searching for a value stored as a property of the object. Thanks
Posted by David Taylor 9 months ago
I needed to delete events from our SEQ server in which the value of some key is null. When SEQ creates the message string for such an event, it display the null value as the string "null". However, if I search for that string, SEQ doesn't return such events as hits. To make this even more difficult, the custom name for the key is "Message". I will change this in our application, but I still need to delete all these events that used this as the key. What query can I use to find these events?
Posted by Tyson Williams 9 months ago
Hi. I'm having trouble deleting a user from Seq. The log says: { "@t": "2019-02-21T09:47:25.0568213Z", "@mt": "HTTP {RequestMethod} {RequestPath} responded {StatusCode} in {Elapsed:0.0000} ms", "@r": [ "68.2994" ], "@l": "Error", "@x": "System.NullReferenceException: Object reference not set to an instance of an object.\r\n at Seq.Server.Data.Users.Deletions.OwnedItemDeletedPolicy`1.<>c__DisplayClass5_0.<CanDelete>b__1()\r\n at Seq.Server.Web.EntityResourceController`2.RemoveEntity(String id)\r\n at lambda_method(Closure , Object , Object[] )\r\n at Microsoft.AspNetCore.Mvc.Internal.ActionMethodExecutor.SyncActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeActionMethodAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeNextActionFilterAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Rethrow(ActionExecutedContext context)\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Internal.ControllerActionInvoker.InvokeInnerFilterAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeNextResourceFilter()\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Rethrow(ResourceExecutedContext context)\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeFilterPipelineAsync()\r\n at Microsoft.AspNetCore.Mvc.Internal.ResourceInvoker.InvokeAsync()\r\n at Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)\r\n at Seq.Server.Web.Middleware.WebSocketAcceptMiddleware.Invoke(HttpContext context)\r\n at Seq.Server.Web.Middleware.RequestAuthenticationMiddleware.Invoke(HttpContext httpContext)\r\n at Seq.Server.Web.Middleware.BrowserSecurityOptionsMiddleware.Invoke(HttpContext context)\r\n at Seq.Server.Web.Middleware.RequestCompletionMiddleware.Invoke(HttpContext httpContext)", "RequestMethod": "DELETE", "RequestPath": "/api/users/user-202", "StatusCode": 500, "Elapsed": 68.2993927999229, "ErrorToken": "0830f7b0b3e14f588ae70565a8157d91", "RequestProtocol": "HTTP/1.1", "RequestHost": "XXXXXXXXXXXXXXXXXXXXXXX", "RequestHeaders": { "User-Agent": "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36" }, "SourceContext": "Seq.Server.Web.Middleware.RequestCompletionMiddleware", "RequestId": "80000c0f-0000-0700-b63f-84710c7967bb", "CorrelationId": null } The error message on the settings page: Could not save user An unhandeled error occurred while serving the request
Posted by Erling Brandvik 9 months ago
Is it possible to create a chart in a dashboard that has a filters based on the text in the message of an exception? Sometimes my application throws an exception that is caught by some top-level try/catch that creates a log event and includes the exception. If I added the exception's message to the log message, then it would be easy to filter in a chart based on that text. In the "where" text box of the chart, I could put (for example) "@Message = '%null%'" to search for exceptions with a message that said that something was null. However, I would prefer to keep the message of the log as is an access the exceptions message though the exception. Is it possible to do this?
Posted by Tyson Williams 9 months ago
Hi, We have just updated from v4.1 to v5.0, a heavily used link is now missing on the logon page for Integrated Windows Authentication. Are we missing a configuration setting to enable this or has this been removed? The actual page still exists and allows for integrated authentication. https://hostname/integrated Cheers Dave
Posted by Dave Strachan 9 months ago
Hi, Creating an internal Seq App and inside the reactor i can easily call this.Log.Information("blah") to post message back thats viewable in Seq when the app is processing. My question is there a way to configure the minimum log level, so I can have Debug level messages in the Application that will not be sent in normal operation. Cheers Dave
Posted by Dave Strachan 9 months ago
Hi, I want to track a few signals on the dashboard. I did a sql query: select @Timestamp, ConnectionWanted from stream where ConnectionWanted and SourceContext = 'Dongle:Port' The result is just a table with two columns; timestamp and a boolean value. I want to plot this on the dashboard but how do I convert a bool to an integer? Best would be for the plot to support boolean (True, False). Regards, Sebastian
Posted by Sebastian Nilsson 9 months ago
Hi Thanks again for a great product. Would it be possible to set caching response headers on the files downloaded from Seq Web UI? For example, the vendor bundle, which is 1MB is downloaded over and over each time you load the app on a new instance of your browser which is slowing down the experience for our remote users. Since the JS files look like they have unique file names for each version. Something like this should do: ``` Cache-Control: public,max-age=31536000 ```
Posted by Ray Booysen 9 months ago
Hello! We have pretty large data volume (32mln events a day) and experience problems with searching as far as it takes almost forever even if we try to find smth in a 2-3 hours interval. All events have specific custom fields which are required to be searched by. Is there an option to have indices on custom fields for faster search?
Posted by Nikolay Bobrovskiy 10 months ago
I recently upgraded my references to Seq.Api to the latest v5.0.0 build. I found that the following code threw an exception after the upgrade: var signal = connection.Signals.ListAsync().Result.FirstOrDefault(s => s.Title == "UnitTest"); if (signal == null) return; var result = connection.Events.DeleteInSignalAsync( signal ).ConfigureAwait(false).GetAwaiter().GetResult(); The exception said "400 - Only shared or personal signals can be requested." After digging into the git repo for a bit, I saw that an optional shared parameter had been added to ListAsync (defaults to false). When I changed this value to "shared: true" in the call site, the exception went away. I looked at my Seq installation, and it lists the Signal in question as Shared, with no way to enable/disable that. Is there a reason that shared is defaulted to false, if such a value will prevent it from working with normal signals that are added via the WebApi? Please let me know if you need anymore information. Thanks! Aaron
Posted by Aaron Schnarr 10 months ago
We're happy enterprise users of Seq (great tool), but recently have had a few issues where API keys and shared filters have been deleted by admin users between different teams. Currently, there is no audit log available to ascertain who has deleted the entries (accidentally I'm sure), which would at least help us educate users to be more careful. Better still would be adding some fine-grained authorisation mechanism, so that users can be linked to groups, and admin permissions on API keys and shared filters can be set at group level to better protect these resources.
Posted by Will 10 months ago
Hi all, I'm trying to setup an Azure Kubernetes deplyoment with a SEQ service, using yaml config file, for example: [...] spec: containers: - name: seq image: datalust/seq:latest ports: - containerPort: 80 env: - name: ACCEPT_EULA value: "Y" It works with no issue, but SEQ is running with basic configuration, especially authentication. What I'm struggling with now, is how to configure SEQ container instance, in the config file, in order to setup AAD authentication. I could create a custom docker file in a private registry, based on datalust/seq and change the way the service is executed there, but I would like to keep it simple if possible. Anyway, even if I would do that, I don't know how to setup AAD using seq.exe command line as it seems it is only configurable once you have your instance up and running, which is in contrast with what I want to do: a complete automated deployment. Would you please advise? Cheers, Claudio
Posted by Claudio Duranti 10 months ago
Hello, I'm trying to run the Seq docker container and run it under a virtual path at the address http://localhost/seq The documentation states: > To use a specific hostname, or listen at a virtual path on the server, the listen URIs need to be reconfigured. If I edit the Seq.json file and set the listenerUris to this: ``` "api": { "listenUris": [ "http://localhost:80/seq", "http://localhost:5341/seq" ], ``` When I run Seq from within the docker container with the command: ``` /bin/seq-server/Seq run --storage=/data ``` I'm getting the following error: ``` ──────────────────────────────────────── Seq ♦ Machine data, for humans. ─────────── © 2018 Datalust Pty Ltd ──── Running as server; press Ctrl+C to exit. [04:17:21 INF] Seq "5.0.2394" running on OS "Linux 4.9.125-linuxkit #1 SMP Fri Sep 7 08:20:28 UTC 2018" [04:17:22 FTL] Unable to start Kestrel. System.InvalidOperationException: A path base can only be configured using IApplicationBuilder.UsePathBase(). at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.ParseAddress(String address, Boolean& https) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken) [04:17:22 FTL] Error running the server application System.InvalidOperationException: A path base can only be configured using IApplicationBuilder.UsePathBase(). at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.ParseAddress(String address, Boolean& https) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.AddressesStrategy.BindAsync(AddressBindContext context) at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.AddressBinder.BindAsync(IServerAddressesFeature addresses, KestrelServerOptions serverOptions, ILogger logger, Func`2 createBinding) at Microsoft.AspNetCore.Server.Kestrel.Core.KestrelServer.StartAsync[TContext](IHttpApplication`1 application, CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.Internal.WebHost.StartAsync(CancellationToken cancellationToken) at Microsoft.AspNetCore.Hosting.Internal.WebHost.Start() at Seq.Server.ServiceProcess.ServerService.Start() ``` Is running seq with virtual path base supported? Am I doing it wrong? Secondarily, the docker container seems to always run a script that sets the listener URIs to http://localhost:80,http://localhost:5341. I'm having to bypass the docker entry point to just run the shell interactively and attempt to launch Seq manually. This allows me to modify the Seq.json config and not have the container overwrite the changes when it starts. If the scenario I'm hoping for is supported, is there a correct way I should run the seq docker container and specify the listener url with a virtual path? Thanks for any help!
Posted by Joe Camp 10 months ago
Hi, I've setup AAD auth on SEQ which is hosted in a Docker container. I'm getting a "The reply url specified in the request does not match the reply urls" but I'm positive that the reply URL in the AAD application is correct (https://seqserver/aad). Does the SEQ instance need to have the reply URL host as a listen URL (ex: https://seqserver)? If so, how do I set this up with a Docker container? Thanks!
Posted by Yohan Belval 10 months ago
Hi, I recently ran across a situation where Seq was not running (user error), and obviously NLog was not able to successfully log to the Seq target. However, there was no indication provided to the program, aside from NLog writing to it's internal log. Is there any way that you've run across to detect when NLog is unable to write to a the Seq target? I've started looking at the Fallbackgroup option, to have a secondary log target write failed messages to file, to ensure that no data is lost. If this were to occur, what are the options for Seq Api, that we could use to add the dropped/missing entries to the Seq logs AT the original timestamp? Thanks,
Posted by Aaron Schnarr 10 months ago