Logs
In modern infrastructure, thousands of log events can be generated every minute. These logs follow specific formats, usually contain timestamps, and are generated by servers, outputting to different files such as system logs, application logs, and security logs. However, logs are scattered across various servers, and once a system failure occurs, it is necessary to log in to each server to check the logs to determine the cause of the failure, which significantly increases the complexity of troubleshooting.
Faced with such a large amount of data, it is necessary to decide which logs should be sent to a log management solution and which should be archived. If logs are filtered before being sent, critical information may be missed or valuable data may be mistakenly deleted.
To improve the efficiency of fault diagnosis, comprehensively grasp the system status, and avoid being passive in emergency situations, it is crucial to achieve centralized management of logs and provide centralized retrieval and correlation analysis functions.
Through powerful log collection functions, log data is uniformly reported to the workspace, where the collected logs can then be centrally stored, audited, monitored, alerted on, analyzed, and exported, simplifying the log management process. This approach avoids the problems that may arise from filtering logs before sending them, ensuring that all critical information can be properly processed and analyzed.
Features
- Automatically identify log status, quickly filter and correlate logs, aggregate similar texts, help quickly discover and analyze anomalies, and accelerate troubleshooting
- Split the text content of logs and convert it into structured data, including extracting timestamps, statuses, and specific fields as tags
- Generate new metric data based on existing data in the current space, so that new technical metrics can be designed and implemented according to requirements
- Filter log data that meets the conditions and archive it in different indexes, and select data storage strategies for log indexes
- Customize filtering rules for log collection. Log data that meets the conditions will no longer be reported to TrueWatch, helping to save log data storage costs
- Save logs, traces, and user access data to TrueWatch's object storage or forward them to external storage, flexibly managing data forwarding
- By setting role access permissions and data desensitization rules, you can more finely control access to log data while properly handling sensitive information