How to configure Monitoring logs feature in APMv8
GregorK 2700013SN6 Comments (3) Visits (11736)
IBM Monitoring 8 delivers Log File Agent (LFA) features inside OS agent. OS agent manual gives already good description how to configure this feature but I will give even more detailed with corresponding pictures.
On below url you can find official documentation about configuration:
Before you begin you have to create conf and fmt files which later you need to place to APM server. Available tags which can be used in conf file can also be found on below url.
In my experiment I have created regex1.conf and regex1.fmt files.
regex1.conf contains below two lines:
and regex1.fmt contains:
Difference from LFA agent and OS agent log file monitoring in APM8 is that you have to import conf/fmt files via APM console. To configure log file monitoring you must follow below steps:
1. Click System configuration > Agent Configuration.
Depending on the system on which you want to monitor the log files, click either the Unix OS, Linux OS, or Windows OS tab. Since I want to monitor Windows event logs I have selected Windows OS. To create a new configuration, click the (+) icon to open the New Log File Configuration window.
2. Enter a name for the configuration and a description of the configuration. In my case regex1 and Configuration discription testWin
3. On the OS agent tab, select the configuration that you uploaded.
4. To deploy the configuration, in the Log Configuration Distributions List table, select the agents to which you want to deploy the configuration and click Apply Changes. When this is done, Distribution attribute will change from 0 to 1.
When this is done navigate back to NT OS agent dashboard where you will see under Log Files widget your created Log Monitoring configuration:
If you click on your configuration (regex1) below workspace will open where you can see all your monitored event logs:
When you click on define event logs you can see all matched events:
When you click on event you will see detailed information:
Hope this blog was helpful.... Gregor
Subscribe and follow us for all the latest information directly on your social feeds: