Solved: Custom autodetector rules for log files

m3tomlins · ‎18 Mar 2025

We are curious if there is a way to customize the listing of the Built-in Autodetector Rules. We see the OneAgent (logmonitoring.cpp) interrogating a database log file on a custom volume/mount point:

[2025-02-18 15:07:16.249 UTC] [/rework/logmonitoring.cpp] [info] Creation ignored for LGI: Z:\custom_sql_logs\my_custom_log_file_#.ldf due to unsupported encoding/binary status (This message was ignored 59 times.)

Above, even though the .ldf file is ignored due to "unsupported encoding" we are seeing that the detection function itself is still creating an issue with log file access, creating latency that disrupts our database traffic.

Custom Log Source doesn't have Exclude feature and Log Security Settings don't stop the autodetector.

For performance, compliance and security reasons we'd like configure the OneAgent to completely ignore and not even touch or look at those files (.ldf, .mdf, .ndf).

Dynatrace AllStar | Community Champion | @m3tomlins | @performacology | Dynatracer at FreedomPay

m3tomlins · ‎19 Mar 2025

@dmitchell shared an answer, so I relay it here, from the documentation...(that I missed):

"Default security rules: if a custom log source includes files disallowed by security rules, these files will be ignored by Log Agent. Default security rules do not block any automatically detected files. If you alter the security rules to be more strict, blocking some automatically detected files, it will result in auto-detection ignoring these files accordingly."

We're gonna test this and confirm! Thanks Devon!

Dynatrace AllStar | Community Champion | @m3tomlins | @performacology | Dynatracer at FreedomPay