Hello, Currently Dynatrace monitors only Application,System & Security Log files from the path C:\Windows\System32\winevt\Logs but there are other logs too that are not monitored and Dynatrace doesnt provide a way to manually configure these log files. Manually adding log files are provisioned only at process level but not at Host level. Is there a way to achieve this? May be a plugin?
Solved! Go to Solution.
Hi @Srinivas V.
Please, add a line (CustomFile=Process Group Id, log path) in
CustomFile=0x201744FC09941B85, C:\Windows\System32\winevt\Logs\Windows PowerShell.evtx
Hi @Srinivas V.
>>Which process group to choose? as i said these are host level logs <<
My mistake, I thought that the problem is, that you would like to add *.evtx only from one host ->> that's why I mentioned about this possibility
>>I added this entry for a random processgroup, but dynatrace hasnt detected it <<
I have just tested this solution and it works.
Check please, that you used a proper PG ID (not PGI ID)
If you want, I can check your configuration (give me the link)
You can do this from the settings page. To get there, navigate to the host you intend to collect more log files off of, and once there select '...' or "edit" and select log Analytics. From there you will be able to add a log detection rule at the host level and not at the process level.
Let me know if you need a hand with this.
interesting, Granted its been a while since we've done this, but i did see where you might need to go to the windows systems at a process level and define the location. Im confirming this now with support:
TO have it at the host level, you will need to adjsut the Config file and then recycle the oneagent, here are the steps to do so:
You can only change it in the UI at the process level.
For host level you will need to do the following:
1.) Navigate to the following Directory :
2.) Edit the ruxitagentloganalytics.conf File
- If this file does not exist, copy the ruxitagentloganalytics.conf.template file and paste the copy into the directory as listed in step 1, but rename it to ruxitagentloganalytics.conf.
3. Ensure that the following is included in the Config file: (If not, add AppLogAutoDetection=true)
false, logs won't be auto-detected.
4.) Put in the following in the log file : (Put in the Path of the log file)
5.) Save the file and recycle the Oneagent, this will then allow the oneagent to find and capture the log file that you just defined.
Hi Chad, when i add the Logpath it wont allow me to add any new files at host level, it just starts monitoring all the log files it autodiscovered and says any new log will be monitored automatically