Menu

Subscribe

Seq 4.2 RTM

Seq 4.2 is now available for download. This release is one of our biggest point releases ever, with UX improvements, optimizations, polish, and bug-fixes throughout.

Thank you to everyone who made suggestions, reported issues, and provided feedback on the pre-release builds of Seq 4.2 - we couldn't have shipped this release without you!

What is Seq?

Seq is a centralized log server built specifically for modern applications using structured logging techniques.

Seq in context

Seq is tightly integrated into .NET through libraries such as Serilog and ASP.NET Core, and through native logging libraries on other platforms.

The Seq 4.x release series builds on Seq's powerful query language and rich plug-in app ecosystem to provide sophisticated dashboarding and alerting directly from application log data.

Seq 4.2

The three major improvements in today's release are:

  1. A smoother, better-organized filtering experience through the Seq signal bar,
  2. Easier, faster configuration of alert notifications, and
  3. An updated plug-in app model that can now host apps written in any programming language

Along with these, a huge number of small improvements have been made, some of which we'll also highlight below.

Signal groups

A signal is a subset of the event stream defined by one or more filters. Signals are often used to narrow down a log search to an environment, machine, application or component.

Signals are so useful that it's not uncommon to create dozens of different signals for different purposes; these are listed in the signal bar, on the right-hand side of the events screen, which can become quite crowded.

In Seq 4.2, we've streamlined the signal bar making the observation that many signals select for different values of the same property. For example, the Production signal might be driven by the Environment = 'Production' filter, and the Test signal based on Environment = 'Test'. Seq 4.2 will automatically group these under Environment:

Grouped signal bar

Groups create some structure in the otherwise-flat signal list, are easier to visually distinguish, and can be collapsed to save space and show more signals on-screen.

Signals with more complex filters can be grouped by clicking on the "pencil" icon next to the signal name, and specifying a group name manually.

But there's more! When signals are grouped, Seq will consider them to be disjoint sets: an event might be from the Production environment, or from Test, but it can't be from both. When multiple grouped signals are selected, Seq recognizes this and returns events matching any of the selected signals in the group.

Errors and warnings

In practice, this means that clicking Errors and Warnings in the @Level group will display both error and warning-level events, instead of the empty set that Seq 4.1 would display.

Notification parameters

Alert notifications use Seq apps to trigger an email, notify a Slack or Teams channel, or raise an issue on an issue tracker when an alert condition is detected.

In Seq 4.2, specific parameters - such as the destination email address or Slack channel name - can be marked as "overridable" when configuring the Seq app instance that will process an alert:

App with overridable parameter

This makes it possible to configure multiple alerts, with different parameters, without needing to create and manage multiple Seq apps to process them:

Alert with channel override

Overridable parameters can also be specified when manually sending an event to an app; this is especially useful when raising tickets using one of the issue tracker integrations.

Writing Seq apps in non-.NET languages

Seq apps are plug-ins that process events and notifications. Along with the Seq.Apps C# library, it's now possible to package an executable built in any programming language as a Seq app!

Read this complete walkthrough to see how apps can be built and packaged using the Rust programming language.

Dashboarding updates

Dashboards have gained support for pie charts in this release:

Dashboard with pie charts

Charts with associated alerts also now show the alert thresholds when viewed at the corresponding time interval.

Query language improvements

Tired of writing @Level = 'Warning' or @Level = 'Error' or @Level = 'Fatal'? Then you'll love array expressions and the in operator!

@Level in ['Warning', 'Error', 'Fatal']

In SQL queries, Seq 4.2 also adds support for multiple aggregate functions (like sum and count) in the same projected column:

select sum(Elapsed) / count(*) as avg_elapsed
from stream
group by time(1m)

This opens up some possible analyses that couldn't be expressed in earlier versions.

Release notes

You can read the full release notes in the Seq 4.2 milestone on the Seq issue tracker.

Installing and upgrading

Seq 4.2 is a simple in-place upgrade for all Seq versions from 2.0 onward. (Seq 1.x installations need to be upgraded to Seq 3.0 first.)

Download the installer from https://getseq.net/download.

We'd love to hear you feedback and answer any questions, here in the comments, on the Seq issue tracker, or by email to support@getseq.net.