Controller (SaaS, On Premise)

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Send selected logs to controller using log analytics agent

Jasmitha.Meka
Explorer
‎06-17-2019 12:22 AM
‎06-17-2019 12:22 AM

Send selected logs to controller using log analytics agent

Hi team,

 

We have deployed analytics-agent with machine agent in a server and configured pattern to grok logs of application. We are able to see logs in Controller UI.

 

We want to send only level=ERROR logs to controller. How can this be achieved?

 

Job  file:

 

version: 2
enabled: true
source:
    type: file
    path: /data/logs
    nameGlob: app.log
    startAtEnd: true

fields:
   sourceType: xxx

grok:
  patterns:
    - '%{TIMESTAMP_ISO8601:timestamp} %{LOGLEVEL:level} \[%{DATA:thread}\] %{DATA:class} %{GREEDYDATA:message}'

eventTimestamp:
   pattern: "yyyy-MM-dd HH:mm:ss,SSS"

Thanks,

Jasmitha M

 

0 Kudos
Reply
Send selected logs to controller using log analytics agent