• Home
  • How to use Dynatrace
  • Log Monitoring
  • Log Monitoring configuration

Log Monitoring configuration

By default, Log Monitoring is activated in your Dynatrace environment. You can confirm Log Monitoring is enabled or you can enable it globally or on a host level but, checking the status and enabling or disabling Log Monitoring is optional in most cases. If you plan to use Log Monitoring, you can focus on OneAgent settings that directly affect how Log Monitoring is operating. See OneAgent settings.

Check Log Monitoring status

optional

You can check if Log Monitoring is enabled in your Dynatrace environment globally (Dynatrace web UI), or you can check if Log Monitoring is enabled on a host level (OneAgent CLI).

  • To check if Dynatrace Log Monitoring is enabled globally:

    1. In the Dynatrace menu, go to Settings > Monitoring > Monitored technologies.
    2. Find Log Monitoring in the list of supported technologies, and select Edit (pencil icon).
    3. Check if Monitor Log Monitoring on every host option is enabled.

  • To check if Dynatrace Log Monitoring is enabled on a host level:
    Use OneAgent CLI and execute the oneagentctl command with the --get-app-log-content-access parameter to check whether Log Monitoring is enabled:

    • Linux: ./oneagentctl --get-app-log-content-access
    • Windows: .\oneagentctl.exe --get-app-log-content-access

Enable or disable Log Monitoring

optional

Similarly to checking Log Monitoring status, you can enable or disable Log Monitoring in your Dynatrace environment globally (Dynatrace web UI), or on a host level (OneAgent CLI).

  • To activate Dynatrace Log Monitoring globally:

    1. In the Dynatrace menu, go to Settings > Monitoring > Monitored technologies.
    2. Find Log Monitoring in the list of supported technologies, and select Edit (pencil icon).
    3. Turn on Monitor Log Monitoring on every host.

  • To enable or disable Dynatrace Log Monitoring on a host level:
    Use OneAgent CLI and execute the oneagentctl command-line interface to execute the following command at the individual host level.
    Set the --set-app-log-content-access parameter to true or false to disable or enable Log Monitoring:

    • Linux: ./oneagentctl --set-app-log-content-access=true
    • Windows: .\oneagentctl.exe --set-app-log-content-access=true

    Restart OneAgent service to apply changes.

OneAgent Settings

Dynatrace Log Monitoring uses OneAgent log module enabled by default with all OneAgent installations. While Log Monitoring does not require any specific configuration, you can modify some of the options available for OneAgent log module.

You can adjust:

  • Enable and disable automatic log detection for different technologies.
  • Define default timezone in containers.
  • Enable defining the storage configuration by a configuration file on the host.
  • Define specific location where the timestamp and severity occur in your incoming log data.
  • Define the maximum number of log group instances per entity.

Global OneAgent settings for Log Monitoring

  1. From the Dynatrace menu, select Settings > Log Monitoring > OneAgent settings.
  2. Adjust settings and Save changes.

Host-specific OneAgent settings for Log Monitoring

  1. In the Dynatrace menu, go to Hosts and select your Linux host.
  2. On the host overview page, select More (…) > Settings in the upper-right corner of the page.
  3. On the Host settings page, select Log Monitoring and OneAgent settings.
  4. Adjust settings and Save changes.

Default OneAgent settings

SettingDefault

Detect IIS logs

enabled

Detect system logs

enabled

Detect logs on NFS

disabled

Monitor OneAgent logs

disabled

Detect logs inside containers

enabled

Set UTC as default timezone in containers

enabled

Timestamp search limit

64 bytes

Severity search chars limit

100 bytes

Severity search lines limit

2

Maximum of log group instances per entity limit - count

200

Configuration File optional

The configuration file located on each OneAgent is used to set three options. For security reasons, these options can only be set on the host level and are available only by creating a JSON file in a specific location:

  • Linux: /var/lib/dynatrace/oneagent/agent/config/
  • Windows: %PROGRAMDATA%\dynatrace\oneagent\agent\config\

The configuration file name must have the json extension; the file name is otherwise unrestricted.

By default, these options are set for the OneAgent log module to operate properly and to auto-detect log files on the specific host. Modifying this configuration file is not required.

Multiple configuration files

You can have multiple JSON configuration files in the configuration folder. Files are evaluated in alphabetical order. Options from the last evaluated file takes priority.

Preexisting configuration files

If your OneAgent installation is upgraded, you may find a _migratedloganalytics.conf.json file that contains your configuration migrated from the ruxitagentloganalytics.conf on your host.

During installation, the OneAgent installer may create _loganalyticsconf.ctl.json, which will contain options used during the installation. The same file will be used to store relevant options set by the OneAgentCtl tool.

Available options

  • AppLogContentAccess
    Enables access to the log file content on this host. If set to false, the log file will be displayed in the user interface, but the content won't be accessible. Note that the OneAgent will still auto-detect log files unless the flag AppLogAutoDetection is set to false.

  • AppLogRemoteConfiguration
    Enables the manual configuration of logs to be accessed and monitored. If set to false, it won't be possible to add logs manually using the settings interface.

  • AppLogAutoDetection
    Enables auto-detection of log files on this host. If set to false, logs won't be auto-detected.

Example

json
{
  "agent-configuration": [
    {
      "AppLogRemoteConfiguration": true,
      "AppLogContentAccess": true,
      "AppLogAutoDetection": true
    }
  ]
}