Implementing Splunk 7 (Third Edition)

Search results

We are almost through with all the widgets on the page. We still have a number of items to cover in the search results section, though, just to be thorough:

As you can see in the previous screenshot, at the top of this section, we have the number of events displayed. When viewing all results in their raw form, this number will match the number above the timeline. This value can be changed either by making a selection on the timeline or by using other search commands.

Next, we have the action icons (described earlier) that affect these particular results.

Under the action icons, we have four results tabs:

  • Events list, which will show the raw events. This is the default view when running a simple search, as we have done so far.
  • Patterns streamlines event pattern detection. It lists the most common patterns among the set of events returned by your search. Each pattern represents a number of events that share a similar structure.
  • Statistics populates when you run a search with transforming commands such as stats, top, chart, and so on. The previous keyword search for error does not display any results in this tab because it does not have any transforming commands.
  • Visualization is also populated by transforming searches. The results area of the Visualization tab includes a chart and the statistics table used to generate the chart. Not all searches are eligible for visualization, a concept which will be covered later in this book.

Under the previously described tabs is the timeline, which we will cover in more detail later in this chapter.