# Example of etc/unified-monitoring-agent/conf.d/fluentd_config/fluentd.conf

# Input: tail files and tag every record 676961.varlog.
<source>
  @type tail
  tag 676961.varlog
  # The glob matches every file directly under /var/log, whatever its format.
  # NOTE(review): files that are not syslog text will not parse cleanly, and
  # anything sensitive written there is shipped off-host as well; consider
  # listing the intended files explicitly.
  path /var/log/*
  # Read offsets are kept here so tailing resumes where it stopped.
  pos_file /etc/unifiedmonitoringagent/pos/676961-varlog.pos
  # Adds the name of the file a line came from to the record, under "tailed_path".
  path_key tailed_path
  <parse>
    @type syslog
    parser_type regexp
  </parse>
</source>

# Output: everything tagged 676961.* goes to the OCI log identified below.
<match 676961.**>
  @type oci_logging
  log_object_id ocid1.log.oc1.iad.amxxxxxxx # OCI ID for a log
  # On-disk buffer, one chunk stream per tag.
  <buffer tag>
    @type file
    # Flushing a failing chunk is retried (with exponential backoff, see
    # retry_type) for at most 3h.
    retry_timeout 3h
    path /opt/unifiedmonitoringagent/run/buffer/676961
    # Chunks that cannot be delivered are discarded instead of being kept in a
    # backup directory.
    # NOTE(review): together with retry_timeout this means records can be lost
    # without a local copy; weigh that if these logs serve as audit evidence.
    disable_chunk_backup true
    chunk_limit_size 5MB
    flush_interval 180s
    total_limit_size 1GB
    # A full buffer raises an error back to the input rather than blocking or
    # dropping the oldest chunk.
    overflow_action throw_exception
    retry_type exponential_backoff
  </buffer>
</match>
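# OCI API-signing credentials, one profile per [section].
#
# Comments are kept on their own lines: some INI parsers (Python's configparser
# with default settings, for one) do not strip a trailing "# ..." and would read
# it as part of the value.
#
# key_file points at a private signing key. Keep this file and the key readable
# only by the account that uses them (for example mode 600).
# NOTE(review): the user below only needs the permissions its group grants for
# logging; confirm the group's policy is scoped to that.

[DEFAULT]
#log_requests=True
# OCI ID for user, who's member of user group
user=ocid1.user.oc1..aaaa..45q
fingerprint=....
key_file=...
# tenancy oci id
tenancy=ocid1.tenancy.oc1...
# ex. us-ashburn-1
region=your-region

[UNIFIED_MONITORING_AGENT]
#log_requests=True
# OCI ID for user, who's member of user group
user=ocid1.user.oc1..aaa..n45q
fingerprint=...
key_file=..
# tenancy oci id
tenancy=ocid1.tenancy.oc1...
# ex. us-ashburn-1
region=your-region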
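#!/bin/bash
#
# Count the entries stored in one OCI log between two timestamps.
# Requires the `oci` CLI (with working credentials) and `jq`.

# Stop on the first failing command, on unset variables, and when any stage of
# the pipeline fails, so a failed search is not reported as a successful run.
set -euo pipefail

readonly time_start="2021-09-13T22:30Z"
readonly time_end="2021-09-16T09:30Z"

# OCIDs of the log to search (placeholders; fill in the real values).
readonly compartment="ocid1.compartment.oc1...."
readonly log_group="ocid1.loggroup.oc1.iad...."
readonly log="ocid1.log.oc1.iad.a...."

# The search target is "<compartment>/<log group>/<log>". It is built from the
# constants above so the OCIDs are written once; the values are pasted into the
# query text as-is, so keep them fixed OCIDs and never take them from user input.
readonly query="search \"${compartment}/${log_group}/${log}\" | count"

# Count log number
printf 'Total logs from %s to %s is:\n' "${time_start}" "${time_end}"
oci logging-search search-logs \
  --time-start "${time_start}" --time-end "${time_end}" \
  --search-query "${query}" \
  | jq '.data.results[0].data.count'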
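#!/bin/bash
#
# Search all logs in specified time period and print one line per entry:
# "<time> <host> <message>".
# Requires the `oci` CLI (with working credentials) and `jq`.

# Stop on the first failing command, on unset variables, and when any stage of
# the pipeline fails, so a failed search is not reported as a successful run.
set -euo pipefail

readonly time_start="2021-09-15T22:30Z"
readonly time_end="2021-09-16T05:30Z"

# OCIDs of the log to search (placeholders; fill in the real values).
readonly compartment="ocid1.compartment.oc1...."
readonly log_group="ocid1.loggroup.oc1.iad...."
readonly log="ocid1.log.oc1.iad.a...."

# The search target is "<compartment>/<log group>/<log>". It is built from the
# constants above so the OCIDs are written once; the values are pasted into the
# query text as-is, so keep them fixed OCIDs and never take them from user input.
readonly query="search \"${compartment}/${log_group}/${log}\""

# jq -j writes the strings raw, without JSON quoting. The messages originate on
# the monitored hosts, so treat them as untrusted text: when reading them on a
# terminal, pass the output through a filter that makes control characters
# visible (for example `cat -v`).
oci logging-search search-logs \
  --time-start "${time_start}" --time-end "${time_end}" \
  --search-query "${query}" \
  | jq -j '.data.results[].data.logContent| .time, " ",.data.host, " ",.data.message,"\n"'

# some other jq examples:
#| jq -j '.data.results[].data.logContent.data| " ",.host,": ",.message,"\n"'
#| jq '.data.results[] | .data.logContent.data | .host,.message'
# jq -j '.data.results[].data.logContent.data| " ",.host,": ",.message,"\n"'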