I want to monitor log files and some custom files from /tmp/log_folder on a Linux server.
On the Linux box, the desired logs are scripted to /tmp/log_folder/ and this folder will be monitored by the UF.
There is a script that clears out the folder every hour, removing any file older than 1 day.
So far, I installed a UF on the server.
Besides creating an inputs app (inputs.conf) on the UF and adding the monitoring stanza:
[monitor:///tmp/log_folder/*]
index = special_logs
sourcetype = log_sourcetype
ignoreOlderThan = 1d
Do I need to add anything else?
Thank you