The "type" field is used to identify the type of log data and provide you with a richer logging experience. For example, if your "type" is apache_access, we will assume that the logs that we receive are Apache access logs, parse them accordingly, and then give you customised GROKing and enrichment out of the box.
A detailed explanation on how to ship the logs for the various sources is specified here.
The following table describes the built-in types supported by the platform - customized types can be added as required:
| Description | Type |
| Nginx Access logs | nginx , nginx_access , nginx-access |
| Nginx Error logs | nginx-error |
| Apache Access logs | apache , apache_access , apache-access |
| Elasticsearch | elasticsearch |
| Nagios | nagios |
| HAProxy | haproxy |
| Monit | monit |
| Mysql | mysql |
| Mysql Error logs | mysql_error |
| Mysql Slow Query logs | mysql_slow_query |
| Mysql Monitor logs | mysql_monitor |
| GPFS | gpfs |
| MongoDB | mongodb |
| Microsoft IIS | iis |
| AWS CloudFront | cloudfront |
| AWS VPCFlow | vpcflow |
| AWS CloudTrail | cloudtrail |
| AWS ELB | elb |
| AWS S3 Access | S3Access |
| OSSEC | ossec |
| Jenkins | jenkins |
| Route 53 | route_53 |
Comments
0 comments
Please sign in to leave a comment.