
Logs are not forwarded to DT SaaS

100grm
Participant

Hi,

What is the reason that logs are not forwarded to DT SaaS from Linux (RHEL, Rocky Linux) servers when both logs and Full-Stack monitoring are enabled? This issue persists in the paid version. Additionally, for testing purposes, I've created an account with a 15-day Free Trial version, and the situation remains unchanged. Although log monitoring is enabled, no logs can be seen in "Logs and Events."

Should this functionality be enabled explicitly by DT sales or support?

3 REPLIES 3

tijust1
Advisor

I don't believe log monitoring is available in the trial version since it consumes extra licenses. However, it would be a good idea to confirm this with support.

Thanks,

Tijust

Dynatrace Professional Certified

Julius_Loman
DynaMight Legend

Trial versions have the same functionality as paid ones. @100grm how are your log ingest rules (log storage rules) set up?

If you think you have set up the log ingest rules properly, I'd recommend starting by looking at the log files of the oneagent loganalytics daemon. So on the monitored host, look at /var/log/dynatrace/oneagent/loganalytics/oneagent-logmon-detailed.log and there you can see details:

[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/php#.#-fpm.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/syslog because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/vmware-vmsvc-root.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /opt/dt-eventproxy/logs/payload.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /opt/dt-eventproxy/logs/spring.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/lib/docker/containers/25798573de7eabb600c0fd4823c632882c89d2b213c33fad35ebfe3dc6cbc1fe/25798573de7eabb600c0fd4823c632882c89d2b213c33fad35ebfe3dc6cbc1fe-json.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/lib/docker/containers/844be141b449b2c5a2fdae1082efd51f974163f9e195a395d1cad79a3eddc882/844be141b449b2c5a2fdae1082efd51f974163f9e195a395d1cad79a3eddc882-json.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/apache2/access.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/apache2/error.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Process log content for /var/log/customlog.txt
[2023-10-25 12:12:03.466 UTC] [/rework/logprocessing/filelogsource.cpp] [debug] No data to process for lgi: /var/log/customlog.txt
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] For /var/log/customlog.txt processed 0 bytes (0 on aggregate) with limit set to 10485760 bytes with end state AllProcessed
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Process log content for /var/log/messages
[2023-10-25 12:12:03.466 UTC] [/rework/logprocessing/filelogsource.cpp] [debug] No data to process for lgi: /var/log/messages
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] For /var/log/messages processed 0 bytes (0 on aggregate) with limit set to 10485760 bytes with end state AllProcessed
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/nginx/access.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/nginx/error.log because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Process content done, number of hanging background threads: 0
(END)

 

Certified Dynatrace Master | Alanata a.s., Slovakia, Dynatrace Master Partner

Thanks, it is exactly what I was looking for.

Log ingest should be explicitly enabled. The setting that I was missing: Settings > Log Monitoring > Log Ingest Rules: Enable Linux System logs
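An added example, not part of the original thread and not Dynatrace tooling: a Python script that reads the oneagent-logmon-detailed.log message formats quoted in the reply above and reports which files the host is expected to forward but that are skipped by the log storage configuration. The `REQUIRED` list, the function names and the sample lines are assumptions constructed for illustration.

```python
import re

# Message formats copied from the oneagent-logmon-detailed.log excerpt in the thread.
SKIPPED = re.compile(r"Do not process log content for (?P<path>.+) "
                     r"because it is disabled in log storage configuration$")
PROCESSED = re.compile(r"For (?P<path>.+) processed (?P<bytes>\d+) bytes")

def summarize(lines):
    """Map each log file path to its latest state: skipped by config, or bytes read."""
    state = {}
    for line in lines:
        line = line.rstrip()
        if m := SKIPPED.search(line):
            state[m["path"]] = {"ingested": False, "bytes": 0}
        elif m := PROCESSED.search(line):
            state[m["path"]] = {"ingested": True, "bytes": int(m["bytes"])}
    return state

def coverage_gaps(state, required):
    """Return required paths that are disabled by config or absent from the log."""
    gaps = {}
    for path in required:
        if path not in state:
            gaps[path] = "not mentioned in the log"
        elif not state[path]["ingested"]:
            gaps[path] = "disabled in log storage configuration"
    return gaps

# Constructed sample, shaped like the lines quoted in the thread.
SAMPLE = """\
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/syslog because it is disabled in log storage configuration
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Process log content for /var/log/messages
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] For /var/log/messages processed 0 bytes (0 on aggregate) with limit set to 10485760 bytes with end state AllProcessed
[2023-10-25 12:12:03.466 UTC] [/rework/logmonitoring.cpp] [debug] Do not process log content for /var/log/nginx/access.log because it is disabled in log storage configuration
""".splitlines()

# Hypothetical list of files this host is expected to forward.
REQUIRED = ["/var/log/messages", "/var/log/syslog", "/var/log/secure"]

if __name__ == "__main__":
    for path, reason in coverage_gaps(summarize(SAMPLE), REQUIRED).items():
        print(f"{path}: {reason}")
```

To run it against a real host, pass the lines of /var/log/dynatrace/oneagent/loganalytics/oneagent-logmon-detailed.log to `summarize` instead of `SAMPLE`.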
