Follow the steps below to find out the details about available integrations:

  1. Log in to OpsRamp Portal.
  2. Navigate to Infrastructure > Logs.
  3. On the left side of this page, click the hamburger Menu icon.
  4. From the MY LOGS VIEWS page, select Logs Configuration.
  5. You can find available integrations under INGESTION tab.

Logs Configuration

Introduction

Log Configurations define rules for detecting and ingesting logs. For example, what paths you would like to ingest logs from, how you like to parse these logs, and any data masking rules for sensitive information. A full list of configuration options is available in this document.

Custom app logs configuration

Once you have added a custom app definition in the APP DEFINITIONS, you can now set up log configuration for the custom application from the INGESTION.

To set up log configuration:

  1. Navigate to Infrastructure > Logs.

  2. On the left side of this page, click the hamburger Menu icon.

  3. From the MY LOGS VIEWS > QUICK LINKS, select Logs Configuration.

  4. You can find the custom app created under INGESTION > CUSTOM.

  5. Click the custom app you have created.
    The LOG CONFIGURATION page is displayed.

  6. You can select the default configuration or add a new log configuration from the page.

  7. Select Default Configuration to make the changes to the default template.
    You can make changes to the template by providing values against the data provided in the template.

  8. By default, the Enable Configuration checkbox is checked. If you want to disable the log ingestion for the app, you can uncheck the Enable Configuration checkbox.

  9. Click SAVE once you have made the changes.
    The data is now saved, and logs will be ingested based on the configuration settings.

  10. Click Add on the LOG CONFIGURATION page to add a new configuration. The Add Custom Configuration page is displayed.

  11. In the Add Custom Configuration page:

    • Enter the name for the configuration.

    • Select the priority value from the Priority field. The priorities are assigned with a numerical value, the configuration with the highest value will be considered first.

    • To assign resources to the log configuration, click FILTER.
      The RESOURCES page is displayed.

    • You can filter the resources using LOGQL attributes. Once you select the resources, click DONE.

    • You can make changes to the template by providing values against the data provided in the template.

  12. Click SAVE.
    The configuration file for the custom app is saved and logs will be ingested as per the settings made.

Default app logs configuration

To set up log configuration for a default app:

  1. Navigate to Infrastructure > Logs.

  2. On the left side of this page, click the hamburger Menu icon.

  3. From the MY LOGS VIEWS > QUICK LINKS, select Logs Configuration.

  4. You can find the custom app created under INGESTION > DEFAULT. The LOG CONFIGURATION page is displayed.

  5. You can select the default configuration or add a new log configuration from the page.

  6. Select Default Configuration to make the changes to the default template.
    You can make changes to the template by providing values against the data provided in the template.

  7. By default, the Enable Configuration checkbox is checked. If you want to disable the log ingestion for the app, you can uncheck the Enable Configuration checkbox.

  8. Click SAVE once you have made the changes.
    The data is now saved, and logs will be ingested based on the configuration settings.

  9. Click Add on the LOG CONFIGURATION page to add a new configuration. The Add Custom Configuration page is displayed.

  10. In the Add Custom Configuration page:

    • Enter the name for the configuration.

    • Select the priority value from the Priority field. The priorities are assigned with a numerical value, the configuration with the highest value will be considered first.

    • To assign resources to the log configuration, click FILTER.
      The RESOURCES page is displayed.

    • You can filter the resources using LOGQL attributes. Once you select the resources, click DONE.

    • You can make changes to the template by providing values against the data provided in the template.

  11. Click SAVE.
    The new log configurations have been added and will be displayed on the LOG CONFIGURATIONS page.

Windows Event Log

To filter the Windows Event logs on event ID, you need to add the below config to the log configuration YAML:

filters:
  - attribute_type: attributes
    key: "event_identifier"
    exclude: "" #event identifier value in quotes