23 Sep 2024 07:39 AM - last edited on 08 Oct 2024 10:15 AM by GosiaMurawska
our application creates log directory on daily basis i.e. /data/log/20240923 for 23rd sept but while configuring custom log source we could only do /data/log/* as creating custom log source on daily basis(datewise) is not possible and the process groups are assigned date folder logs i.e. /data/log/20240923/##.log as part of auto log discovery
hence problem raised using event extraction are getting assigned to process group instead of host as log was already being monitored by process group as part of auto log discover, but for us it has to be always assigned to host to make remediation work.
is there any way we can do that one workaround? we found is creating log source daily date wise at host level but that task is tedious.
03 Oct 2024 07:44 PM - edited 03 Oct 2024 07:45 PM
Hey @bd ,
Not sure if you're still looking for answer but there are few properties which you can configure while creating metric events or log events. These properties are key-value pairs that help in certain tasks like re-assigning the problems to Host instead of process_group. Please find the reference attached.