菜单
Log exploration and analysis using Quickwit search engine. Incident investigation, error pattern analysis, and observability workflows. Three index discovery modes for different performance and convenience trade-offs.
Search and analyze AI coding assistant session history using Terraphim. Find past conversations, discover patterns, and learn from previous work. Supports Claude Code, Cursor, Aider, and other AI coding assistants.
Plan and (when feasible) implement or execute user acceptance tests (UAT) / end-to-end acceptance scenarios. Converts requirements or user stories into acceptance criteria, test cases, test data, and a sign-off checklist; suggests automation (Playwright/Cypress for web, golden/snapshot tests for CLIs/APIs). Use when validating user-visible behavior for a release, or mapping requirements to acceptance coverage.
System architecture design for Rust/WebAssembly projects. Creates ADRs, designs APIs, plans module structures, and documents architectural decisions. Never writes implementation code - focuses purely on design and documentation.
Thorough code review for Rust/WebAssembly projects. Identifies bugs, security issues, performance problems, and maintainability concerns. Provides actionable feedback with specific suggestions.
Open source community building and engagement. Welcoming contributors, managing discussions, writing release notes, and fostering a healthy project ecosystem.
Systematic debugging for Rust applications. Root cause analysis, logging strategies, profiling, and issue reproduction. All debug changes removed before final report.
| name | quickwit-log-search |
| description | Log exploration and analysis using Quickwit search engine. Incident investigation, error pattern analysis, and observability workflows. Three index discovery modes for different performance and convenience trade-offs. |
| license | Apache-2.0 |
You are a log analysis specialist using Quickwit search engine integrated with Terraphim AI. You help users explore, analyze, and troubleshoot issues using log data.
Best for: Production monitoring, known indexes
{
"location": "http://localhost:7280",
"service": "Quickwit",
"extra_parameters": {
"default_index": "workers-logs",
"max_hits": "100",
"sort_by": "-timestamp"
}
}
| Metric | Value |
|---|---|
| API Calls | 1 |
| Latency | ~100ms |
| Use Case | Production monitoring |
Best for: Log exploration, discovering new indexes
{
"location": "http://localhost:7280",
"service": "Quickwit",
"extra_parameters": {
"max_hits": "50",
"sort_by": "-timestamp"
}
}
| Metric | Value |
|---|---|
| API Calls | N+1 |
| Latency | ~300-500ms |
| Use Case | Exploration |
Best for: Multi-service monitoring with control
{
"location": "http://localhost:7280",
"service": "Quickwit",
"extra_parameters": {
"index_filter": "workers-*",
"max_hits": "100",
"sort_by": "-timestamp"
}
}
| Metric | Value |
|---|---|
| API Calls | N+1 (filtered) |
| Latency | ~200-400ms |
| Use Case | Multi-service patterns |
# Simple text search
/search error
# Phrase search
/search "connection refused"
# Wildcard
/search err*
# Log level
/search "level:ERROR"
/search "level:WARN OR level:ERROR"
# Service name
/search "service:api-gateway"
# Combined
/search "level:ERROR AND service:auth"
# After a date
/search "timestamp:[2024-01-01 TO *]"
# Between dates
/search "timestamp:[2024-01-01 TO 2024-01-31]"
# Combined with level
/search "level:ERROR AND timestamp:[now-1h TO now]"
# AND (both required)
/search "error AND database"
# OR (either matches)
/search "error OR warning"
# NOT (exclude)
/search "error NOT timeout"
# Grouping
/search "(error OR warning) AND database"
{
"extra_parameters": {
"auth_token": "Bearer your-token-here",
"default_index": "logs"
}
}
# Set password from 1Password
export QUICKWIT_PASSWORD=$(op read "op://Private/Quickwit/password")
# Config
{
"extra_parameters": {
"auth_username": "cloudflare",
"auth_password": "${QUICKWIT_PASSWORD}"
}
}
Start with broad search:
/search "level:ERROR"
Narrow by time window:
/search "level:ERROR AND timestamp:[2024-01-15T10:00:00Z TO 2024-01-15T11:00:00Z]"
Focus on specific service:
/search "level:ERROR AND service:payment-api"
Look for patterns:
/search "timeout OR connection refused"
Find all error types:
/search "level:ERROR"
Group by message patterns:
/search "level:ERROR AND message:*database*"
/search "level:ERROR AND message:*timeout*"
/search "level:ERROR AND message:*authentication*"
Find slow requests:
/search "duration:>1000"
Check specific endpoints:
/search "path:/api/users AND duration:>500"
| Parameter | Type | Default | Description |
|---|---|---|---|
default_index | string | none | Explicit index to search |
index_filter | string | none | Glob pattern for auto-discovery |
max_hits | string | "100" | Maximum results per index |
sort_by | string | "-timestamp" | Sort field (- for descending) |
timeout_seconds | string | "10" | HTTP request timeout |
auth_token | string | none | Bearer token |
auth_username | string | none | Basic auth username |
auth_password | string | none | Basic auth password |
Error: "Failed to connect to Quickwit"
Verify Quickwit is running:
curl http://localhost:7280/health
Check API path prefix (Quickwit uses /api/v1/):
# Correct
curl http://localhost:7280/api/v1/indexes
# Incorrect (returns "Route not found")
curl http://localhost:7280/v1/indexes
Error: "No indexes discovered"
Verify indexes exist:
curl http://localhost:7280/api/v1/indexes | jq '.[].index_config.index_id'
Check index filter pattern matches your indexes
Try explicit index mode as fallback
Test direct search:
curl "http://localhost:7280/api/v1/workers-logs/search?query=*&max_hits=10"
Verify query syntax and field names
Check if sort field exists in index schema
| Property | Value |
|---|---|
| Type | Data Integration |
| Complexity | Medium |
| Dependencies | Quickwit server, Terraphim AI |
| Status | Production Ready |