Log Ingestion

Prerequisites

• You have added a component and environment for the application. For details, see Adding a Node and Adding an Environment.
• You have created a log group and log stream. For details, see Creating Log Groups and Log Streams. You can also directly create them on the log ingestion page.
• You have created a cluster, namespace, and workload. For details, see Cloud Container Engine (CCE) User Guide.

Precautions

• To use log ingestion, enable Application Insights in Menu Settings. For details, see Menu Settings.
• The logs of VMs running Windows cannot be reported to AOM.

Ingesting Logs

1. Log in to the AOM 2.0 console.
2. In the navigation pane, choose Application Insights (Retiring) > Log Ingestion.
3. Click Access Log in the upper right corner.
4. Complete the following configurations based on your requirements:
   1. Select Log Stream: Log files in the selected environment are to be ingested to the specified LTS log stream.
      1. Collection Configuration Name: Enter up to 64 characters. Only letters, digits, hyphens (-), underscores (_), and periods (.) are allowed. The name cannot start with a period or underscore, or end with a period.
      2. Log Group: Select a created log group from the drop-down list.
      3. Log Stream: Select a created log stream from the drop-down list.
   2. Host Group configuration: Add the hosts in the selected environment to the LTS host group.
      1. Click Select Environment.
      2. Select the application and region to which the target environment belongs.
      3. Search for or expand the application tree to select the required environment.
      4. Click OK.
   3. Collection Configuration: Set log collection rules.
      1. Collection Path: Add one or more host paths. LTS will collect logs from these paths.
      2. Collect Windows Logs: To collect logs from Windows hosts, enable this option. Filter the logs to collect by configuring Log Type, First Collection Time Offset, and Event Severity.
      3. Log Format: Specifies whether the collected log file is displayed in a single line or multiple lines.
      4. Log Time: When Log Format is set to Single-line, specify whether the log collection time (System time) or log printing time (Time wildcard) is displayed at the beginning of each log line.
         

         • System time: the time when logs are collected and sent by ICAgents to LTS.
         • Time wildcard: the time when logs are printed.
      5. Time wildcard: The log print time is used to identify a log and is displayed at the start of each log line. Logs can be filtered based on a time wildcard.
      6. Log Segmentation: must be specified if the Log Format is set to Multi-line. Log time indicates that log segmentation is implemented based on a time wildcard, whereas By regular expression indicates that log segmentation is implemented based on a regular expression.
      7. Regular Expression: used to identify a log.
      8. Click Ingest Now.

5. View your configuration in the corresponding configuration list.

Viewing and Managing Ingestion Configuration

On the Log Ingestion page, you can search for, view, edit, and delete ingestion configurations.

• Search

  On the Log Ingestion page, select the target application or component on the left and enter a keyword in the search box on the right.

• View

  You can view the created ingestion rules on the Log Ingestion page. Click a log group name in the Log Group column to go to the log group details page on the LTS console.

• Edit

  On the Log Ingestion page, click Edit in the Operation column in the row that contains the target configuration.

• Delete

  On the Log Ingestion page, click Delete in the Operation column in the row that contains the target configuration. You can also delete configurations in batches.

  

  Deleted access configurations or mapped log streams cannot be recovered. Exercise caution when performing this operation.