Set Up Continuous Log Collection Using Management Agent

To continuously collect log data from your entities, install the Management Agent on your host. Before that, ensure that you have completed the prerequisite tasks for using the Management Agents.

Topics:

Types of Logs You can Collect Using Management Agent

Source Type Description
File

Collects logs from local, or network mounted storage on an OCI compute instance or host. This type is typically used for locally running applications on the instance.

See Ingest Application, Infrastructure, Database and Other Generic Logs.

Syslog Listener

Listens for incoming syslog messages on a port. This type is typically used for remote network devices.

See Set Up Syslog Monitoring.

Database

Runs database queries regularly and collects each row as a log entry. It can work with database either locally on the host that the management agent is on, or remotely. This type is typically used to collect database logs or application logs that are stored inside a database.

See Set Up Database Instance Monitoring.

REST API

Runs a predefined REST API operation regularly and returns response payload as log data. This type is typically used to collect logs from a cloud service such as Oracle Fusion Apps.

See Set Up REST API Log Collection.

Microsoft Windows Event System

Collects logs from Microsoft Windows Event Service channels as they are generated. This type is typically used for Windows security use cases.

See Set Up Windows Event Monitoring.

Oracle Diagnostic Logging (ODL)

Collects logs from local, or network mounted storage on an OCI compute instance or host that are written in the Oracle Diagnostics Logging (ODL) format. This format is commonly used for application level logging in Oracle Fusion Middleware.

See Ingest Logs of Oracle Diagnostic Logging (ODL) Format.

Typical Workflow to Set Up management Agent

Task More Information
Create the required IAM policies Allow Continuous Log Collection Using Management Agents
Ensure that the management agent has the correct privileges to read the log files Grant READ Access of the Logs to the Agent User on Your Host
Install Management Agents on your log-emitting hosts. Ensure to deploy the Log Analytics plug-in when installing the agent. Install Management Agents
Optionally, to create a single point of communication between the Management Agents and the Oracle Cloud Infrastructure, install Management Gateway. Workflow for Installing Management Gateway
Check if the entity already exists for your use case. For example, when the Management Agent is enabled on a compute instance, related host and agent entities are automatically created. If not, then create an entity.

The type of the entity that you select or create must match the entity type specified in the Source.

Create an Entity to Represent Your Log-Emitting Resource
Check if any of the available Oracle-defined parsers and sources are suitable for parsing and collecting your logs by examining their parameters. If not, then create them. Create a Parser and Create a Source
Associate the entity with the source Configure New Source-Entity Association
Check if there are warnings during log collection, and work on the fix View Agent Collection Warnings
View the agent collection metrics Monitor Your Continuous Log Collection