Server

To collect logs by your server application, check the following:

Agent Update

It is available from Server agent 2.1.2. For more information about update, see the following.

Checking the agent settings

Home > Select Project > Log > Log Setting

Select a project in the initial screen of the WhaTap monitoring service, and then select Log > Log Setting under Project Menu. In the OS selection tab at the top of Check Agent CONF., select a server OS (Linux (shell), Windows (Powershell)). See Basic Installation or Install with Category for the process.

Note

The following configuration requires restart of the agent.

Linux Shell

• Basic installation

  Linux Shell

  export LOGFILES=/some/path/file1,/some/other/file2
  echo "logsink.files=$LOGFILES" | sudo tee -a /usr/whatap/infra/conf/whatap.conf

• Install with Category

  Linux Shell

  cd /usr/whatap/infra
  sudo mkdir extension
  
  cat <<EOL | sudo tee extension/logsink.conf > /dev/null
  [[inputs.logsink]]
    category = "serverlog"
    ## Whether to transfer the log generation statistics as separate data
    stats_enabled = true 
    ## Log generation statistics category
    stats_category = "logsink_stats"
    ##  Set the log file name to be excluded if the log file path contains asterisk (*). 
    excludeNames = [ ".gz",".zip" ] 
    [[inputs.logsink.file]]
      ## When setting a log file, you can set the date pattern (strftime.org).
      path = "/some/path/%Y-%m-%d/.log" 
      disabled = false
      encoding = "utf-8"
  
    [[inputs.logsink.file]]
      path = "/some/other/log"
      disabled = false
      encoding = "utf-8"
  
    [[inputs.logsink.file]]
      ## When searching for the keyword in the line-by-line log, merge it with the previous log.
      nowrap_keywords = ["Caused by:", "Test"]
  
    [[inputs.logsink.file]]
    ## When entering the project code and project license, the logs can be transferred to a desiged project in the same region.
    # pcode = Project code
    # license = "Project license"
  
    [[inputs.logsink.file]]
    # whatap_host_ip = "Collection server IP1/Collection server IP2"
    # whatap_host_port = 6600
  EOL
  
  sudo service whatap-infra restart

Windows Powershell

• Basic installation

  Windows Powershell

  $LOGFILES="c:\\whatap\\logs\\%Y-%m-%d\\*.log,c:\\whatap\\logs\\*.log"
  Add-Content "c:\Program Files\WhatapInfra\whatap.conf" -Value "logsink.files=$LOGFILES"

• Install with Category

  Windows Powershell

  # The administrator role required
  New-Item -type "Directory" -Path "C:\Program Files\WhatapInfra\extension"
  
  $contentToAdd = @"
  [[inputs.logsink]]
  category = "serverlog"
  ## Whether to transfer the log generation statistics as separate data
  stats_enabled = true 
  ## Log generation statistics category
  stats_category = "logsink_stats"
  ## Set the log file name to be excluded when the log file path contains asterisk (*). 
  excludeNames = [ ".gz",".zip" ] 
  [[inputs.logsink.file]]
  ## The date pattern (strftime.org) can be entered when setting the log file. 
  path = "c:\\whatap\\logs%Y-%m-%d_.log"
  disabled = false
  encoding = "euc-kr"
  
  [[inputs.logsink.file]]
  ## When searching for the keyword in the line-by-line logs, it merges with the previous log.
  nowrap_keywords = ["Caused by:", "Test"]
  
  [[inputs.logsink.file]]
  ## When entering the project code and project license, logs can be transferred to a desired project in the same region.
  # pcode = Project code
  # license = "Project license"
  
  [[inputs.logsink.file]]
  # whatap_host_ip = "Collection server IP1/Collection server IP2"
  # whatap_host_port = 6600
  
  "@
  
  New-Item -path "C:\Program Files\WhatapInfra\extension" -name "logsink.conf" -type "file" -value $contentToAdd -Force
  
  Restart-Service "Whatap Infra"

Configuring options

• stats_enabled: Set whether or not to collect the collection status data. The default value is false. The value must be set to true. If set to true, statistical data is generated in the category (logsink_stats) set in the following stats_category.

• stats_category: Set the metrics category to store the collection status data in. The value must be set to logsink_stats. Statistical data fields are as follows:

  • file
  • checkInterval
  • encoding
  • filepos
  • checkedLocalTime
  • lastupdatedLocalTime
  • fileSize
  • error
  • firstCheck
  • transferBytes

• excludeNames: By including asterisks (*) in the log file path, you can set the file name to exclude non log files. You can set multiple values using comma (,) as a separator.

  Example

  excludeNames = [ ".gz",".zip" ]

• nowrap_keywords: While searching logs by line, if any keyword is detected by a specified option value, it is merged with the previous log.

• pcode: Enter the project code of the same region to which you want to send the logs.

• license: Enter the license code of the project in the same region to which you want to send the logs.

Note

In case of the pcode and license options, it is supported from Server Agent 2.7.4 or later.

Configuring the log options for Windows events

When collecting Windows event logs, you can set the options as follows:

# The administrator role required
New-Item -type "Directory" -Path "C:\Program Files\WhatapInfra\extension"

$contentToAdd = @"
[[inputs.win_eventlog]]
    category = "win_event_log"
    stats_category = "win_event_log_stats"
    stats_enabled = true
    enabled = true
    [[inputs.win_eventlog.file]]
        #true | false
        enabled = true
        # Application, Security, Setup, System, Forwarded
        file = "Application"
        #1: Information, 2: Warning 3: Error 4: Audit Success 5 Audit Fail
        #event_type = 
        #event id
        #event_id = 
        #event source name
        #source_name = ""
        #When entering the project code and project license, logs can be transferred to the desired project in the same region.
        #pcode = Project code
        #license = "Project license"
        #whatap_host_ip = "Collection server IP1/Collection server IP2"
        #whatap_host_port = 6600

"@

New-Item -path "C:\Program Files\WhatapInfra\extension" -name "win_eventlog.conf" -type "file" -value $contentToAdd -Force

Restart-Service "Whatap Infra"

• It is required to specify the category.

  e.g. win_event_log

• It is required to specify the statistics category (stats_category).

  e.g. win_event_log_stats

• The statistics category On/Off (stats_enabled) is required.

  e.g. true or false

• The collection On/Off (enabled) is required.

  e.g. true or false

• The file-based collection On/Off (enabled) is required.

  e.g. true or false

• The file (file) is required.

  e.g. Application, Security, Setup, System, Forwarded

• The event type (event_type) is optional.

  e.g. 1, 2, 3, 4, 5

  Note

  Event type

  1. Information

  2. Warning

  3. Error

  4. Audit Success

  5. Audit Fail

• The event ID (event_id) is optional.

• The event source name (source_name) is optional.

• Project code (pcode) optional

• Project license (license) optional

Note

• For Windows event log collection, the Server Agent 2.5.2 or later is supported.

• Among the Windows event log options, pcode and license are supported in the Server Agent 2.7.4 or later.

Specifying and separating multiple files

Specifying multiple files

To categorize multiple log files under the same category, add each log file path into the [[inputs.logsink.file]] entry and specify the file path by using the path setting. Additionally, you can configure additional settings, such as log generation statistics and options such as category, stats_enabled, and stats_category. The example is where the /root/test1 and /root/test2 files are assigned the same category (serverlog).

[[inputs.logsink]]
  category = "serverlog"
  stats_enabled = true
  stats_category = "logsink_stats"
  excludeNames = [ ".gz",".zip" ]

[[inputs.logsink.file]]
  path = "/root/test1"
  disabled = false
  encoding = "utf-8"

[[inputs.logsink.file]]
  path = "/root/test2"
  disabled = false
  encoding = "utf-8"

Note

For information about options such as category, stats_enabled, stats_category, and nowrap_keywords, see the guidance above.

In this example, you can see the following in Live Tail.

File separation

To specify different categories for log files, create separate logsink{number}.conf files and then set different category values ​​in each file. The following example shows how to set different log categories through logsink.conf and logsink1.conf.

logsink.conf

# cat logsink.conf
[[inputs.logsink]]
  category = "serverlog1"
  stats_enabled = true
  stats_category = "logsink_stats"
  excludeNames = [ ".gz",".zip" ]

[[inputs.logsink.file]]
  path = "/root/test1"
  disabled = false
  encoding = "utf-8"

logsink1.conf

#cat logsink1.conf
[[inputs.logsink]]
  category = "serverlog2"
  stats_enabled = true
  stats_category = "logsink_stats"
  excludeNames = [ ".gz",".zip" ]

[[inputs.logsink.file]]
  path = "/root/test2"
  disabled = false
  encoding = "utf-8"

Note

For information about options such as category, stats_enabled, stats_category, and nowrap_keywords, see the guidance above.

In this example, you can see the following in Live Tail.

Enabling the log monitoring

Home > Select Project > Log > Log Setting

You can enable or disable the WhaTap log monitoring with the toggle button in the Activate log monitoring tab of the Starting the log monitoring section.

• If you turn on , the log monitoring is enabled. You can try for free for 15 days from the activation date.
• If you turn off , the log monitoring is disabled. Logs are no longer saved.

Note

Role

After agent installation, you can enable the log monitoring settings only when you have the edit permission on the project. For more information about the roles, see the following.