Agent Management Overview

To ingest events from your applications into your custom log, you can install the Oracle fluentd-based agent. This agent allows you to control exactly which logs you want to collect, how to parse them, and more.


The Unified Monitoring Agent is a fully managed agent, and custom client configuration is not officially supported. For example, gathering logs from remote sources is not recommended, since doing so can have serious security implications (because the log source cannot be verified).

Oracle Cloud Infrastructure Logging includes Agent Configurations to enable and manage the agent for a set of supported operating systems. Agent Configurations give you a central experience to easily configure what custom logs you want to ingest across your fleet of hosts. The following are the supported operating systems for agent configurations:

  • Oracle Linux 7, Oracle Linux 8
  • CentOS 7, CentOS Stream 8
  • Windows Server 2012 R2, Windows Server 2016, Windows Server 2019


    Windows Server 2022 is not supported. See this known issue for more information.
  • Ubuntu 16.04, Ubuntu 18.04, Ubuntu 20.04

For Linux, only register Linux-specific input types, such as "Log Path", for a dynamic group that includes only a Linux instance. For Windows, only register Windows-specific input types, such as "Windows event log", for a dynamic group that includes only a Windows instance. Otherwise, the Unified Monitoring Agent malfunctions if you register a Windows input type for a Linux instance, and vice versa.

Unified Monitoring Agent and Agent Configuration Security

Unified Monitoring Agent configurations are secured using the Dynamic Group feature from IAM. For more information, see Selecting Target Hosts with Dynamic Groups.

In addition, agent configuration updates are securely processed only by authorized users. After any update is made, the logging backend propagates the update to the agent itself.

Furthermore, OCI personnel can't interject an update call made to the Unified Monitoring Agent. This is secured by the user principle (the user's IAM), without which no update can be accessed or changed.