This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
Log Analytics
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Mapping of journald entries

ronmacdonald
Organizer

‎13 Jun 2025 06:00 PM - last edited on ‎16 Jun 2025 07:27 AM by Community Team

I enabled journald monitoring for our system logs on EC2 for our k8 cluster.  Looking at raw log content, it appears some fields are mapped and others are missing.  The support page mentions a few fields that it is mapping but several others appear to be dropped (i.e. _PID, _CMDLINE...).  Am I able to get insight and modify the processing rules for these logs?

Labels:
Reply
2 REPLIES 2

piotr_zemlis
Dynatracer
Dynatracer

‎18 Mar 2026 01:08 PM - edited ‎18 Mar 2026 02:01 PM

From OneAgent perspective - unfortunately, no. What is stated here in docs https://docs.dynatrace.com/docs/analyze-explore-automate/logs/lma-log-ingestion/lma-log-ingestion-vi... is hardcoded in log module. Gaining other fields would require some enhancements in the code base.

0 Kudos
Reply

StefanPostma
Dynatrace Guide
Dynatrace Guide

‎18 Mar 2026 01:11 PM

Yes you can, in Openpipeline you can add new pipelines which will be processed in order of sequence.

while adding a processor you can add an example log you have in Dynatrace already to test your parsing rule.

I just took a simple JSON as an example here, just to visualize the context. More information on the setup and examples can be found here: https://docs.dynatrace.com/docs/shortlink/openpipeline-processing-examples

 

Screenshot 2026-03-18 at 14.08.03.png

Reply
Ask a question

Featured Posts