Best practices for log management

Effective log management is crucial for efficient application troubleshooting and maintaining optimal performance.

Auto-discovery: Enable auto-discovery when creating a new log type to automatically collect specific log types from multiple servers, ensuring comprehensive data gathering.
Upload limits: Set maximum upload limits for each log type to control storage usage and prevent excessive data accumulation.
Filter configuration: Set up precise filters to refine log searches, reduce noise, and focus on relevant data for faster troubleshooting.
Collect logs from: Define the starting point for log collection. By default, logs modified within the last 24 hours are collected. If needed, configure this to collect older logs (e.g., 24 Hours Ago, 2 Days Ago, 3 Days Ago, or 7 Days Ago).
Log time zone: If the time zone is not present in the log line, manually select the correct time zone to avoid discrepancies. Otherwise, the system fetches the time zone from the monitoring agent’s machine.
Log pattern validation: Even for default log types, validate the log pattern by adding another sample log and testing its accuracy before finalizing the configuration.

Data type: Define appropriate data types (e.g., number) for fields to facilitate accurate aggregation and analysis.
Sensitive data handling: Configure the system to hash or mask sensitive information before ingestion to address security and privacy concerns.

Retention limits: Logs are retained based on the configured retention policy. Review your plan or system settings to ensure they meet your compliance and operational needs.
Log usage summary: Check the log usage summary to monitor how different log types consume available licenses.

Saved search: Create and save frequent searches to quickly access critical log data without reentering queries.
Adding alerts: Configure log-based alerts to identify failures and performance issues in real time.
Derived field support: Use derived fields to extract and structure key data from logs for more effective analysis and reporting.
Search options: Utilize various search functionalities to effectively filter and analyze logs during issue resolution.
Troubleshooting log collection errors: Check log file paths and agent permissions to resolve log collection issues efficiently.

When using server monitoring, enable log collection to gain deeper insights. Logs help correlate system events, errors, and performance metrics, enhancing visibility.

On this page