A powerful Streamlit-based log analysis tool for searching, filtering, and analyzing Snowflake Openflow telemetry data. Quickly identify errors, warnings and other events, trace issues across processors, and export findings for further investigation.
- Multi-Runtime Support: Select one or multiple runtimes to analyze simultaneously
- Internal Runtime Toggle: Show or hide internal system runtimes (prefixed with `runtime-`)
- Processor Filtering: Filter logs by specific processor(s) — displays the top 20 processors with the most activity
- Log Level Filtering: Filter by severity level:
  - `ERROR` — Critical issues requiring immediate attention
  - `WARN` — Potential problems that may need investigation
  - `INFO` — Informational messages for context
- Multi-Term Search: Enter comma-separated terms to search for multiple keywords at once
  - Example: `timeout, connection, failed` finds logs containing any of these terms
- Search Modes:
  - Contains (default): Case-insensitive partial matching with multi-term support
  - Regex: Full regular expression support for complex pattern matching
  - Exact Match: Find logs with an exact message match
- Interactive Timeline Histogram: Visualize log distribution over time with Plotly
  - Stacked bars showing ERROR, WARN, and INFO logs by severity level
  - Color-coded by log level (red for errors, orange for warnings, blue for info)
  - Hover for detailed counts at each time bucket
  - Zoom and pan to focus on specific time periods
- Configurable Time Buckets: Aggregate data by:
  - 1 minute
  - 5 minutes
  - 15 minutes
  - 1 hour
- Preset Time Windows:
  - Last 1 hour
  - Last 6 hours
  - Last 24 hours
  - Last 7 days
- Custom Time Range: Define exact start and end dates/times (UTC) for precise analysis
- Time Range Slider: Fine-tune the selected window with an interactive slider
- AG Grid Table: Enterprise-grade data grid with Excel-like functionality
- Column Sorting: Click column headers to sort ascending/descending
- Column Filtering: Filter each column independently
- Column Resizing: Drag column borders to resize
- Pagination: Navigate through results (50 rows per page)
- Multi-Row Selection: Checkbox selection for bulk operations
- Sidebar Panel: Access additional filtering and column visibility options
- Real-Time Metrics Bar: Displays:
  - Total log count
  - Error count
  - Warning count
  - Info count
  - Unique processor count
- Automatic Log Clustering: Similar logs are automatically grouped using fuzzy matching
- Pattern Analysis: Each group shows:
  - Total occurrences
  - First and last seen timestamps
  - Affected processors
  - Sample log message
- Drill-Down Capability: Expand any group to view all individual occurrences
- Normalized Matching: Dynamic values (timestamps, UUIDs, line numbers) are normalized for accurate grouping
- One-Click Export: Download filtered results as a CSV file
- Smart Naming: Exported files include runtime name and timestamp
  - Example: `logs_runtime-prod_20260120_143022.csv`
- Full Data Export: Exports all columns (Timestamp, Processor, Level, Message)
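
The normalize-then-cluster step behind Grouped Patterns can be sketched as follows. This is an added example, not OpenflowSight's own code: the standard-library `difflib` stands in for RapidFuzz so the sketch runs without dependencies, and the normalization rules, the 0.85 threshold, and the sample rows (including the processor names) are assumptions constructed for illustration.

```python
import re
from difflib import SequenceMatcher

# Most specific rules first, so a UUID is not partly consumed by the number rule.
RULES = [
    (re.compile(r"\b[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12}\b", re.I), "<UUID>"),
    (re.compile(r"\b\d{4}-\d{2}-\d{2}[T ]\d{2}:\d{2}:\d{2}(?:\.\d+)?Z?"), "<TS>"),
    (re.compile(r"\b\d+\b"), "<N>"),  # line numbers, durations, counters
]

def normalize(message):
    """Replace dynamic values with fixed tokens so only the template remains."""
    for pattern, token in RULES:
        message = pattern.sub(token, message)
    return message

def group_logs(rows, threshold=0.85):
    """Cluster (timestamp, processor, message) rows; threshold is an assumed 0..1 cut-off."""
    groups = []
    for ts, processor, message in sorted(rows):  # ISO-8601 strings sort by time
        norm = normalize(message)
        for group in groups:
            if SequenceMatcher(None, norm, group["pattern"]).ratio() >= threshold:
                break
        else:  # no existing group is similar enough: start a new one
            group = {"pattern": norm, "sample": message, "count": 0,
                     "first_seen": ts, "processors": set()}
            groups.append(group)
        group["count"] += 1
        group["last_seen"] = ts
        group["processors"].add(processor)
    return sorted(groups, key=lambda g: g["count"], reverse=True)

# Constructed sample rows; processor names are hypothetical.
SAMPLE_ROWS = [
    ("2026-01-20T14:30:22Z", "ProcessorA",
     "Connection timeout after 30000 ms for session 3f2b8c1e-9a4d-4e7b-8c2a-1d5e6f7a8b9c"),
    ("2026-01-20T14:31:05Z", "ProcessorA",
     "Connection timeout after 30000 ms for session a1b2c3d4-e5f6-4a7b-8c9d-0e1f2a3b4c5d"),
    ("2026-01-20T14:33:41Z", "ProcessorB",
     "Connection timeout after 45000 ms for session 0f9e8d7c-6b5a-4c3d-9e2f-1a0b9c8d7e6f; retrying"),
    ("2026-01-20T14:32:10Z", "ProcessorB", "Parse error at line 118 of batch started 2026-01-20T14:32:09Z"),
    ("2026-01-20T14:35:59Z", "ProcessorB", "Parse error at line 7 of batch started 2026-01-20T14:35:50Z"),
]

if __name__ == "__main__":
    for g in group_logs(SAMPLE_ROWS):
        print(g["count"], sorted(g["processors"]), g["first_seen"], g["last_seen"], g["pattern"])
```

The third timeout row differs from the others even after normalization (`; retrying`), so it lands in the same group only because of the similarity threshold, which is the case exact matching on the normalized string would miss.
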
| Component | Technology |
|---|---|
| Frontend | Streamlit with custom CSS theming |
| Data Source | Snowflake via Snowpark |
| Visualization | Plotly (timeline), Altair |
| Data Grid | AG Grid (st-aggrid) |
| Fuzzy Matching | RapidFuzz |
| Data Processing | Pandas |
| Caching | Streamlit (60-second TTL) |
- Python 3.7+
- Snowflake account with access to Openflow telemetry data
- Snowflake Streamlit environment
The application queries telemetry data from:

```
snowflake.telemetry.events
```

Update the `EVENTS_TABLE` constant in `OpenflowSight.py` if your table path differs.
- Select Runtime(s) in the sidebar
- Choose Log Level(s) (ERROR, WARN, INFO)
- Set Time Window (preset or custom)
- Review Timeline to identify activity spikes
- Drill into Details using Individual Logs or Grouped Patterns tabs
- Use Multi-Term Search to find related logs (e.g., `timeout, connection`)
- Filter by Processor to isolate specific components
- Switch to Grouped Patterns to identify recurring issues
- Export to CSV for offline analysis or sharing
- Open Grouped Patterns tab to see clustered logs
- Review occurrence counts to prioritize high-frequency issues
- Check affected processors to understand scope
- Expand groups to trace individual occurrences
The app uses a professional light theme. Modify the custom_theme CSS in OpenflowSight.py:

```python
custom_theme = """
<style>
.stApp {
    background-color: #F0F2F6; /* Main background */
}
/* Add your custom styles here */
</style>
"""
```

Modify SQL queries to match your telemetry schema or add custom filters.
- Use Specific Time Windows: Smaller windows = faster queries
- Filter by Processor: Reduces data volume significantly
- Clear Cache: Click "Clear Cache" in sidebar if data appears stale
- Pagination: AG Grid loads 50 rows per page for performance
| Issue | Solution |
|---|---|
| Snowflake Connection Error | Verify EVENTS_TABLE path and permissions |
| No Data Displayed | Check time window and runtime filters |
| Slow Performance | Use shorter time windows or filter by processor |
| Stale Data | Click "Clear Cache" or "Refresh Data" button |

```
streamlit
snowflake-snowpark-python
pandas
altair
plotly
st-aggrid
rapidfuzz
```

Built with Streamlit for Snowflake