Log Monitoring Classic
This setting is available only to Dynatrace Managed deployments with environments using Log Monitoring Classic.
Dynatrace allows you to exclude specific log sources for storage. Using logs matched by rules, you can control which logs should not be stored in your deployment but still be processed by log metrics and log events.
The configuration is based on rules that use Matchers to determine the storage of log files known to OneAgent, auto-detected log files, and custom log files defined per process group.
Go to Settings > Log Monitoring > Log drop rules to view log drop rules that are in effect, reorder the existing rules, and create new rules. Rules are executed in the order in which they're listed, from top to bottom. This order is critical because a preceding rule may impact the log data that a subsequent rule uses in its definition.
Expand Details to examine a rule definition. A log drop rule consists of the following:
You can turn any rule on or off in the Enabled column.
To create a log processing rule
Select Add rule on the Log drop rules page.
Provide the name for the log drop rule.
Provide a log query in the Matcher section.
A log search query narrows down the available log data for executing this specific rule. This is the same search query that you have been using in the log viewer search query (Log viewer).
Save changes.
You can use the Settings API to manage your log drop configuration:
To check the current schema version for log drop configuration, list all available schemas and look for the builtin:logmonitoring.log-drop-rules
schema identifier.
To create a log drop configuration using the API:
Create an access token with the Write settings (settings.write
) and Read settings (settings.read
) permissions.
Use the GET a schema endpoint to learn the JSON format required to post your configuration. The log drop configuration schema identifier (schemaId
) is builtin:logmonitoring.log-drop-rules
. Here is an example JSON payload with the log drop configuration:
...{"objectId": "Y2ktaGdyb3VwLTEyMythZjhjOThlOS0wN2I0LTMyMGEtOTQzNi02NTEyMmVlNWY4NGQ=","schemaId": "builtin:logmonitoring.log-drop-rules","externalId": "string","scope": "HOST-123","value": {"enabled": true,"ruleName": "John Smith rule","matcher": "user.id=\"smith.john@mycompany.com\""},"schemaVersion": "1.0.1","insertAfter": "Y2ktaGdyb3VwLTEyMythZjhjOThlOS0wN2I0LTMyMGEtOTQzNi02NTEyMmVlNWY4NGQ="}...
Use the POST an object endpoint to send your configuration.
You can create a log metric from dropped logs by extracting values from the logs and discarding the original log data. This method: