[Feature] Saved Searches & Custom Dashboards

[Polliog]

Feature Description

Allow users to save frequently used search queries for quick access and create custom dashboards with drag-and-drop widgets showing personalized metrics, charts, and tables.

Problem/Use Case

Problem:

• Users repeatedly type the same complex search queries (e.g., "errors in production API service last 24h")
• Default dashboard shows org-wide stats, not personalized metrics
• No way to create custom views for specific workflows (on-call, debugging, monitoring)
• Teams can't share useful searches or dashboards

Use Cases:

• On-Call Engineer: Dashboard showing critical errors across all production services
• Backend Developer: Saved search for "my-service errors with trace IDs"
• DevOps Team: Shared dashboard with deployment metrics and error rates
• Security Team: Dashboard showing Sigma rule detections and failed auth attempts

Proposed Solution

Part 1: Saved Searches

1. Save Search Button:

   • Button on search page: "Save Search"
   • Modal: name, optional description, visibility (personal/team)
   • Store filters as JSON (service, level, time range, full-text query)

2. Saved Searches Sidebar:

   • List saved searches (grouped: personal, team-shared)
   • Click to apply filters instantly
   • Edit, duplicate, delete actions
   • Star favorites (show at top)

3. Sharing:

   • Share with organization (read-only or editable)
   • Export as URL (shareable link)

Part 2: Custom Dashboards

1. Dashboard Builder:

   • Drag-and-drop grid layout (react-grid-layout)
   • Widget library: time-series chart, pie chart, table, stat card, log stream
   • Each widget configurable (metric, filters, time range, refresh interval)

2. Widget Types:

   • Time-Series Chart: Log volume over time (by service, level)
   • Pie Chart: Log distribution (by service, level, error types)
   • Stat Card: Single metric (total logs, error rate, avg response time)
   • Table: Top services by log count, recent errors
   • Live Log Stream: Real-time logs matching filters

3. Dashboard Management:

   • Create, edit, delete dashboards
   • Save as personal or share with organization
   • Clone dashboard to customize
   • Export as JSON (backup/migration)

Alternatives Considered

1. No Custom Dashboards: Keep single org-wide dashboard

   • Con: Doesn't scale for teams with diverse needs

2. Pre-Built Dashboard Templates: Offer 5-10 templates (DevOps, Security, etc.)

   • Con: Still doesn't allow true customization

3. Grafana Integration: Use Grafana for dashboards

   • Con: Adds external dependency, breaks self-contained experience

Why our approach is better:

• Built-in, no external tools needed
• Drag-and-drop UI (no code/config required)
• Shareable within organization

Implementation Details (Optional)

Priority

• Critical - Blocking my usage of LogWard
• High - Would significantly improve my workflow
• Medium - Nice to have
• Low - Minor enhancement

Justification: Very useful for daily workflows, but users can function without it.

Target Users

• DevOps Engineers
• Developers
• Security/SIEM Users
• System Administrators
• All Users

Additional Context

Industry Examples:

• Datadog: Custom dashboards with drag-and-drop widgets
• Grafana: Extensive dashboard builder
• New Relic: Dashboard templates + customization

Contribution

• I would like to work on implementing this feature

[Polliog]

Not in our vision anymore #95