Common Event Format

Configure Common Event Format Log Source with observIQ

Supported Platforms

| Source | Windows | Linux | Mac | Kubernetes | OpenShift |
| --- | --- | --- | --- | --- | --- |
| Common Event Format | | | | | |

Configuration

| Option | Description |
| --- | --- |
| File Path | Specify a single path or multiple paths to read one or many files. You may also use a wildcard (*) to read multiple files within a directory. |
| Type | Adds the specified 'Type' as a label to each log message. |
| Geographic Location | The geographic location (timezone) to use when parsing logs that contain a timestamp. |
| Start At | Choose whether to start reading from the beginning or end of a file with "end" being the default. |
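To see what the Type and Geographic Location options do to a parsed record, the following added example (not observIQ's own code) parses one CEF line in Python. The header layout and escape rules come from the CEF specification rather than this page; the function names, the `log_type` label key and the sample line are assumptions made for illustration.

```python
import re
from datetime import datetime, timezone
from zoneinfo import ZoneInfo

HEADER = ("version", "device_vendor", "device_product", "device_version",
          "signature_id", "name", "severity")
# key=value pairs; a value runs until the next " key=" or the end of the line.
EXT_RE = re.compile(r"(\w+)=((?:\\.|[^\\=])*?)(?=\s+\w+=|\s*$)")
ESCAPES = {"n": "\n", "r": "\r"}

def unescape(text):
    """Resolve CEF backslash escapes (escaped pipe, equals, backslash, newline)."""
    return re.sub(r"\\(.)", lambda m: ESCAPES.get(m.group(1), m.group(1)), text)

def split_header(body):
    """Split on the first seven unescaped pipes; the remainder is the extension."""
    parts, buf, i = [], "", 0
    while i < len(body) and len(parts) < 7:
        if body[i] == "\\" and i + 1 < len(body):
            buf, i = buf + body[i:i + 2], i + 2      # keep the escape pair intact
        elif body[i] == "|":
            parts, buf, i = parts + [buf], "", i + 1
        else:
            buf, i = buf + body[i], i + 1
    if len(parts) < 7:
        raise ValueError("truncated CEF header")
    return parts, body[i:]

def parse_cef(line, log_type, location="UTC"):
    """Return one parsed record labelled with log_type; rt is normalised to UTC."""
    start = line.find("CEF:")                        # skip any syslog prefix
    if start < 0:
        raise ValueError("no CEF: prefix")
    fields, ext = split_header(line[start + 4:])
    record = dict(zip(HEADER, map(unescape, fields)))
    record["extension"] = {k: unescape(v) for k, v in EXT_RE.findall(ext)}
    record["labels"] = {"log_type": log_type}        # label key name is an assumption
    rt, when = record["extension"].get("rt"), None
    if rt and rt.isdigit():                          # epoch milliseconds: no zone ambiguity
        when = datetime.fromtimestamp(int(rt) / 1000, tz=timezone.utc)
    elif rt:                                         # zone-less text: interpret in `location`
        when = datetime.strptime(rt, "%b %d %Y %H:%M:%S").replace(tzinfo=ZoneInfo(location))
    record["timestamp"] = when.astimezone(timezone.utc).isoformat() if when else None
    return record

# Constructed sample line (syslog prefix plus CEF record), not taken from a real device.
SAMPLE = (r"Sep 19 08:26:10 host CEF:0|Acme|Gate\|way|1.0|100|Login failed|7|"
          r"src=10.0.0.5 msg=user\=admin bad password rt=Sep 19 2023 08:26:10")
```

Parsing `SAMPLE` with `location="America/New_York"` instead of the default shifts the stored timestamp by four hours, which is why a wrong Geographic Location setting skews event correlation across sources.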

Log Types

Types

custom_event_format

Dashboards

Users can configure dashboards using visualizations. More information can be found on our visualizations and dashboards page.

Advanced

For more information on the advanced configuration capabilities, see our detailed plugin guide here.