Analytics Log Data

Log Analytics collects from log files depends on the source of the log file and the pattern that you specify to structure the data in the log with. Every log entry is an event in the Log Analytics event stream.

Log Analytics Data

Log Analytics only supports the UTF-8 encoding format.

Event Type: logs

Key (event type identifier): sourceType

These fields are captured by default; you can configure and capture optional data, but these fields are always present:

UI Field Name	Description	Events Service Internal Name
pickupTimestamp	The timestamp when the Java Agent picked up the event and sent it to the Analytics Agent.	`pickupTimestamp`
Message	The message body of the log event.	`message`
host	IP address or host name where the event was generated.	`host`
source	Location of the logs, usually a path or directory such as `/tomcat/logs`.	`source`
sourceType	The kind of log file, such as `apache-httpserver-access-log`.	`sourceType`
Timestamp	Timestamp of the log event.	`eventTimestamp`
Extracted Fields	Fields that were extracted using the Controller UI in previous versions appear in the Extracted Fields list. See Collect Log Analytics Data.	Varies

You can optionally configure these fields:

Optional Fields	Description
nodeName	Name of the node where the log event occurred.
tierName	Name of the tier where the log event occurred.
appName	Application name where the log event occurred.