• Home
  • Observe and explore
  • Logs
  • Log Management and Analytics
  • Log ingestion via OneAgent

Log ingestion via OneAgent

powered by Grail

OneAgent is a powerful tool for automatically discovering and ingesting log and event data from a vast array of technologies. It supports multiple configurations of timestamps, masking sensitive data, detecting log rotation patterns, and much more. OneAgent is built for enterprise-scale operation, which lets you orchestrate a fleet of OneAgent instances centrally with as much granularity in a configuration as required.

OneAgent log configuration flow

To configure OneAgent log ingestion, use the following options:

  • optional Log auto-detection: Configure the OneAgent detection mechanism. From the Dynatrace menu, go to Settings > Log Monitoring > OneAgent configuration.

  • optional Custom log source configuration

  • required Log storage configuration: Define ingestion rules for log sources known to OneAgent.

    This configuration is required for auto-detected and custom log sources.

  • optional Sensitive data masking

  • optional Timestamp configuration

LMA - OneAgent log ingestion and processing configurations at capture

OneAgent log module

Check out the OneAgent platform and capability support matrix and deploy OneAgent to your environment.

  • OneAgent platform and capability support matrix

Log data discovery

Understand how OneAgent automatically discovers log data.

  • Log content autodiscovery

Learn how OneAgent monitors rotation patterns for log files.

  • Log rotation patterns

You can add custom log sources for OneAgent to discover.

  • Custom log source

Log storage configuration

You can create rules for sending logs to Dynatrace (includes automatically discovered and custom logs).

  • Log storage configuration

Log enrichment

You can transform logs ingested via OneAgent by automatically creating and extracting log attributes from log content.

  • Automatic log enrichment

Sensitive data

You can set up OneAgent to mask any information that you consider to be sensitive so it doesn't reach Dynatrace in plain text.

  • Sensitive data masking in OneAgent

Timestamps

Learn how OneAgent supports timestamps, or you can optionally configure a custom timestamp pattern specific to your case.

  • Supported timestamp formats
  • Timestamp configuration

Logs from containers

OneAgent also supports collecting logs from Docker containers and Kubernetes container orchestration systems.

  • Log Monitoring in Docker
  • Log Monitoring in Kubernetes

Configure OneAgent for logs

  1. Make sure that the OneAgent log module is supported in your deployment or environment.

    • OneAgent platform and capability support matrix
  2. Check out the supported timestamps; if necessary, you can configure your custom timestamp pattern.

    • Supported timestamp formats
    • Timestamp configuration
  3. Check out how OneAgent automatically discovers log data; if necessary, you can add a custom log source.

    • Log content autodiscovery
    • Custom log source
  4. Create rules for sending log data to Dynatrace (including log data from automatically discovered and custom logs).

    • Log storage configuration
  5. Set up sensitive data masking to prevent private information from reaching Dynatrace.

    • Sensitive data masking in OneAgent

OneAgent also supports collecting logs from Docker containers and Kubernetes container orchestration systems.

  • Log Monitoring in Docker
  • Log Monitoring in Kubernetes

Alternative to ingestion via OneAgent

As an alternative to OneAgent for monitoring your log data, you can use generic ingestion to collect logs via API.

  • Generic log ingestion
Related topics
  • Automatic log enrichment

    Generic log ingestion automatically transforms log data into output values for the loglevel attribute.