When you perform the prerequisites for deploying Management Agents in the step Install Management Agents, you will create the required compartment, user group for Logging Analytics users, and create IAM policies to install the Management Agents. As part of the prerequisites, ensure that the following policies are created for your user group:

ALLOW GROUP Logging-Analytics-User-Group TO MANAGE management-agents IN COMPARTMENT <compartment_name>
ALLOW GROUP Logging-Analytics-User-Group to MANAGE management-agent-install-keys IN TENANCY
ALLOW GROUP Logging-Analytics-User-Group TO READ METRICS IN COMPARTMENT <compartment_name>
ALLOW GROUP Logging-Analytics-User-Group TO READ USERS IN TENANCY

In the above example policy statements, Logging-Analytics-User-Group is an example user group.

Also, create a dynamic group for the Management Agents if it already doesn't exist, for example Management-Agent-Dynamic-Group:

ALL {resource.type='managementagent', resource.compartment.id='<management_agent_compartment_OCID>'}

Create IAM policies for Management-Agent-Dynamic-Group to enable log collection and metrics generation:

ALLOW DYNAMIC-GROUP Management-Agent-Dynamic-Group TO USE METRICS IN TENANCY
ALLOW DYNAMIC-GROUP Management-Agent-Dynamic-Group TO {LOG_ANALYTICS_LOG_GROUP_UPLOAD_LOGS} IN TENANCY

While deploying the management agents for using Oracle Cloud Logging Analytics on UNIX-based hosts, ensure that the management agent has the correct privileges to read the log files from where data has to be collected.

You can use one of the following ways (in order of best practice) to make the log files readable to the management agent:

• Use Access Control Lists (ACLs) to enable the cloud agent user to read the log file path and log files. An ACL provides a flexible permission mechanism for file systems. Ensure that the full path to the log files is readable through the ACL.

  To set up an ACL in a UNIX-based host:

  1. Determine whether the system that contains the log files has the acl package:

     rpm -q acl

     If the system contains the acl package, then the previous command should return:

     acl-2.2.39-8.el5

     If the system doesn’t have the acl package, then download and install the package.

  2. Grant the management agent user READ access to the required log file:

     setfacl -m u:<agentuser>:r <path to the log file/log file name>

     Grant the cloud agent user READ access to the leading path or folders by running the following command:

     setfacl -R -m u:<agentuser>:r <path to the parent folder of the log file>

• Place the management agent and the product that generates the logs in the same user group, and make the files readable to the entire group. Restart the agent.

• Make the log files readable to all users. For example, chmod o+r <file>.

  You may have to give executable permission to the parent folders. For example, chmod o+rx <parent folder>.

See Oracle Management Agents Documentation to complete the following tasks:

• Perform prerequisites for deploying Management Agents

• Install Management Agent

After you install the Management Agent, complete the following Logging Analytics specific tasks to start the log collection:

• Map your entities to your agent: Create your entities and select the Management Agent that was installed to associate the agent with this entity. See Create an Entity to Represent Your Log-Emitting Resource. You can also edit an existing entity and add the agent.

• Configure New Source-Entity Association.

After you complete the set up for continuous log collection, the Management Agent installed on your host emits information about the size of log data that it is uploading to Logging Analytics and errors encountered, if any.

This data is displayed for each log source with the following agent log collection metrics:

• Agent Data Upload Size (logCollectionUploadDataSize): The size of the log data collected through the Management Agent for each log source.

• Agent Data Upload Errors (logCollectionUploadFailureCount): The count of errors occurred for each log source during the log collection and the type of errors.

To access the Agent Data Upload Size and Agent Data Upload Errors metrics, see Monitor Logging Analytics Using Service Metrics.

To modify the filters applied on the metrics data, you can view the metrics in the metrics explorer and change the metrics dimensions:

1. Click the Options menu on the top right corner of the agent log collection metric, and select View in Metric Explorer.

   The metric is now displayed in the Metrics Explorer. Here, you can view the chart in finer detail.

2. Click Edit Queries and select Dimension Name and Dimension Value for the metric. For example, if you want to view the upload data size for a specific host host123, then select the metric name logCollectionUploadDataSize, dimension name as agentHostName and the dimension value as host123.

   Click Update Chart to refresh the chart visualization. The chart will now display only the upload data size for the specified host.

   Similarly, if you want to view the number of upload errors encountered of the type LogGroupPolicyError, then select the metric name logCollectionUploadFailureCount, dimension name as errorCode and the dimension value as LogGroupPolicyError.

   Click Update Chart to refresh the chart visualization. The chart will now display the count of upload errors of the specified type for the specified period.

   You can switch to the Data Table view for a tabular representation of the data points in the metrics.

Following are the dimensions available to filter the metric data:

Following are the various types of errors reported by the Management Agent in the logCollectionUploadFailureCount metric for the dimension errorCode:

For the actions that you can perform with each metric, see Actions for Service Metrics.