obtaining a log generated by one or more components in an information technology environment;

applying the log as an input to a first artificial intelligence model trained to predict log sourcetypes;

determining that the log has a first log sourcetype based on an output of the first artificial intelligence model;

selecting a second artificial intelligence model in response to the determination that the log has the first log sourcetype;

applying the log as an input to the second artificial intelligence model trained to extract a data field from a log applied to the second artificial intelligence model as an input;

in response to a successful extraction of a first data field from the log, causing the first data field extracted from the log by the second artificial intelligence model to be displayed in a user interface; and

in response to an unsuccessful extraction of the first data field from the log, causing the user interface to indicate that no data field is extracted from the log and to depict a user interface element that, when selected, causes the user interface to display the log and a prompt to markup the displayed log for use in one of updating or retraining the second artificial intelligence model.