I'm trying to test our Loki log data source. From the Queries I've been executing nothing is returned.

It's possible that the logs are in a different format to what I'm expecting, or that no Logs are ingested by Loki, and my pipeline is broken somewhere.

Is there a Loki query that returns all the logs?

I've looked through documentation, and so far, I haven't found any such Loki query. Any other queries to help debug would be appreciated!

You can use a match-all regex together with a stream you have for all your logs.

For example if you collect a stream named host for all your incoming logs you'd query for:

{host=~ ".*"}

You should note that at present a stream selector is always required for querying logs.

{host=~ ".*"} doesn't work for me. Use {host=~ ".+"} That should work always.

You can use a match-all regex together with a stream you have for all your logs.

For example if you collect a stream named host for all your incoming logs you'd query for:

{host=~ ".*"}

You should note that at present a stream selector is always required for querying logs.

You can use some stream filter, which matches all the log streams. For example, if every log stream contains app label, then the following query can be used for returning all the logs stored in Loki:

{app=~".+"}

This query must be executed at /loki/api/v1/query_range HTTP endpoint with start and end query args covering the time range for the needed logs.

P.S. it is much easier returning all the logs in LogsQL - an alternative query language for logs I work on:

*

The query above returns all the logs with the * filter. It works without excess resource usage for any number of logs (e.g. billions and trillions of logs), since it streams matching logs to the response as soon as they are read from the storage.

recommend use the label=~".+", this is the efficat way.

Of cause, use the label!="", label=~".*", is all right, but it's possible return 504 Timeout