30 Jan 2025 10:28 AM
30 Jan 2025 05:05 PM
It all will depend on a few variables, such as how the logs are being ingest (OneAgent, OTel, FluentD/FluentBit), how big the logs are, what sort of log extraction metric rules are being used, how many logs are being ingest at one time, etc...
In general, the logs should be available to view/query over within 5 minutes of them being ingest into Dynatrace. If it's taking longer than that, it could be a sign that the Cluster is unable to keep up with the rate at which logs are being ingest.
31 Jan 2025 04:14 AM
Heya @Krishnamoorthi ,
As @bsnurka mentioned, the log ingestion depends on how the logs are coming to Dynatrace. Whether you are pushing the logs via an external source or via OneAgent. If it is OneAgent, once you configure your ingest rules, it would be within 5 minutes you'd be seeing the log. If it is a first-time config it takes this time to discover the log sources and stream them. After the first record has come, the log ingest happens every minute.
Also, there might be restriction on some paths which you need to override first for them to be streamed to Dynatrace. One such example is dynatrace logs itself. By default, even if you configure the path of dynatrace log file it won't monitor those. you need to go to advanced log setup and enable "Allow" to stream dynatrace logs.
So, if you can give more details on what you're trying to achieve maybe someone from us can help.