Clusterdetails Command

Use this command to look at log data within categories for specific classify results It enables you to expand a message signature into the individual log entries.


clusterdetails collection=<collection_name> [<summary_expression>]


The following table lists the parameters you can use with this command, along with their descriptions.

Parameter Description


Use this parameter to specify the collection where the log data exists. The value for this variable should either be in the format<string> or <string>.


Use this parameter to compare the ID to an expression. The value for this parameter should either be in the format id <cmp> or id <in_exp>.


Use this parameter as a comparison operator. The possible values for this variable include = and !=.


This parameter should be in the format [NOT] IN “(“ <value> (“,”<value>)*”)”.

The following query returns the fatal logs included in ID 1, in the collection ‘Fatal logs’.

Severity = fatal | clusterdetails collection = 'Fatal logs' id = 1