By: Ming Zhou
Read Time: 3 min
The Extract and Aggregate fields feature allows users to custom parse historical logs (post ingestion) and get an aggregated count on those newly parsed fields.
Enterprise SREs work with large systems that consist of internally built components and external products. Debugging with logs from external products can be extremely challenging. Users are working with logs that were sent from a third party system that they have no control over with no access to third party development teams to understand how that team logs.
In these scenarios, users find that LogDNA hasn’t parsed logs in the way that they want (because it’s not in a format that LogDNA recognizes) and it’s too late to set up Custom Parsing because the logs they’re working on have already been indexed. Moreover, users won’t know what format the logs will be in until they see them for the first time, setting up custom parsing rules to anticipate this would be difficult.
To solve this pain, LogDNA’s Extract and Aggregate fields allows users to create custom parsing rules and apply them to logs that have already been ingested. This allows for greater flexibility to switch up parsing rules in real time to figure out which portion of the log is most useful to be parsed into fields.
Custom and existing parsed fields will also be aggregated to give insights (metrics) to help the user further diagnose the issue. You can find this feature by expanding any log line in the logviewer.
We are so excited to offer you greater control and ability to manipulate your data to get the most out of your logs. As always, please email me at firstname.lastname@example.org for feedback and suggestions on how we can improve for the future.
LogDNA is releasing Custom Webhooks, enabling customers to easily integrate LogDNA alerts with 3rd-party services. Custom Webhooks allows you to configure a webhook’s header and...
AWS has a lot of services, and they all generate logs. A lot of logs. We’ve worked hard to make sure you can capture logs...
In the olden days, we used to have to get logs by putting our agent on one machine at a time, like hitching a horse...