Administer: Other Actions
These are some of the additional administration tasks that you can perform.
Add Tags to Logging Analytics Resources
Oracle Cloud Infrastructure Tagging allows you to add metadata to resources, which enables you to define keys and values and associate them with resources. Tag your Logging Analytics resources such as log sources, parsers, entities, saved searches, scheduled tasks, log groups, fields, labels, uploads, and storage to organize and list them based on your business needs.
To learn more about tagging concepts, required permission for working with tags, tag limits, tag variables, using tags to manage access, and managing tags and tag namespaces, see Tagging Overview in Oracle Cloud Infrastructure Documentation.
Move Logging Analytics Resources Between Compartments
You can move Logging Analytics resources such as entities, log groups, and saved searches from one compartment to another.
-
Ensure that you have the required access permissions on the destination compartment to perform the Logging Analytics operations before you move the resources. After you move the resource to the new compartment, inherent policies apply immediately and affect access to the resource.
-
When you move a Logging Analytics resource to a new compartment, the associated resources might not move.
See Working with Compartments in Oracle Cloud Infrastructure Documentation.
Create Rules for Logging Analytics Events
Certain actions that you perform on Oracle Logging Analytics emit events. You can define rules that trigger a specific action when an event occurs.
The Events service enables you to create automation based on the state changes of resources throughout your tenancy. Use Events to allow your development teams to automatically respond when an event occurs.
For more information on the Events service, creating rules, and monitoring the performance of your rules by using metrics, see Overview of Events, Managing Rules for Events, and Events Metrics.
The following table lists the event types that Oracle Logging Analytics emits:
| Event Name | Event Type |
|---|---|
|
Assign Encryption Key - Begin |
com.oraclecloud.logginganalytics.assignencryptionkey.begin |
|
Assign Encryption Key - End |
com.oraclecloud.logginganalytics.assignencryptionkey.end |
|
Associations - Delete |
com.oraclecloud.logginganalytics.deleteassociations |
|
Associations - Upsert |
com.oraclecloud.logginganalytics.upsertassociations |
|
Auto Association - Enable |
com.oraclecloud.logginganalytics.enableautoassociation |
|
Auto Association - Disable |
com.oraclecloud.logginganalytics.disableautoassociation |
|
Custom Content - Import |
com.oraclecloud.logginganalytics.importcustomcontent |
|
Detection Rule - Change Compartment |
com.oraclecloud.logginganalytics.changescheduledtaskcompartment |
|
Detection Rule - Create |
com.oraclecloud.logginganalytics.createscheduledtask |
|
Detection Rule - Delete |
com.oraclecloud.logginganalytics.deletescheduledtask |
|
Detection Rule - Pause |
com.oraclecloud.logginganalytics.pausescheduledtask |
|
Detection Rule - Resume |
com.oraclecloud.logginganalytics.resumescheduledtask |
|
Detection Rule - Update |
com.oraclecloud.logginganalytics.updatescheduledtask |
|
Disable Archiving |
com.oraclecloud.logginganalytics.disablearchiving |
|
EM Bridge - Create |
com.oraclecloud.logginganalytics.createembridge |
|
EM Bridge - Delete |
com.oraclecloud.logginganalytics.deleteembridge |
|
Enable Archiving |
com.oraclecloud.logginganalytics.enablearchiving |
|
Entity - Create |
com.oraclecloud.logginganalytics.createentity |
|
Entity - Delete |
com.oraclecloud.logginganalytics.deleteentity |
|
Field - Upsert |
com.oraclecloud.logginganalytics.upsertfield |
|
Ingestion Time Rule - Change Compartment |
com.oraclecloud.logginganalytics.changeingesttimerulecompartment |
|
Ingestion Time Rule - Create |
com.oraclecloud.logginganalytics.createingesttimerule |
|
Ingestion Time Rule - Delete |
com.oraclecloud.logginganalytics.deleteingesttimerule |
|
Ingestion Time Rule - Disable |
com.oraclecloud.logginganalytics.disableingesttimerule |
|
Ingestion Time Rule - Enable |
com.oraclecloud.logginganalytics.enableingesttimerule |
|
Ingestion Time Rule - Update |
com.oraclecloud.logginganalytics.updateingesttimerule |
|
Label - Delete |
com.oraclecloud.logginganalytics.deletelabel |
|
Label - Upsert |
com.oraclecloud.logginganalytics.upsertlabel |
|
Log Group - Change Compartment |
com.oraclecloud.logginganalytics.changeloganalyticsloggroupcompartment |
|
Log Group - Create |
com.oraclecloud.logginganalytics.createloganalyticsloggroup |
|
Log Group - Delete |
com.oraclecloud.logginganalytics.deleteloganalyticsloggroup |
|
Log Group - Update |
com.oraclecloud.logginganalytics.updateloganalyticsloggroup |
|
Lookup - Delete |
com.oraclecloud.logginganalytics.deletelookup |
|
Lookup - Register |
com.oraclecloud.logginganalytics.registerlookup |
|
Lookup Data - Append |
com.oraclecloud.logginganalytics.appendlookupdata |
|
Lookup Data - Update |
com.oraclecloud.logginganalytics.updatelookupdata |
|
Lookup Properties - Update |
com.oraclecloud.logginganalytics.updatelookup |
|
Namespace - Offboard |
com.oraclecloud.logginganalytics.offboardnamespace |
|
Namespace - Onboard |
com.oraclecloud.logginganalytics.onboardnamespace |
|
Object Collection Rule - Create |
com.oraclecloud.logginganalytics.createloganalyticsobjectcollectionrule |
|
Object Collection Rule - Delete |
com.oraclecloud.logginganalytics.deleteloganalyticsobjectcollectionrule |
|
Object Collection Rule - Move Compartment |
com.oraclecloud.logginganalytics.changeloganalyticsobjectcollectionrulecompartment |
|
Object Collection Rule - Update |
com.oraclecloud.logginganalytics.updateloganalyticsobjectcollectionrule |
|
Parser - Delete |
com.oraclecloud.logginganalytics.deleteparser |
|
Parser - Upsert |
com.oraclecloud.logginganalytics.upsertparser |
|
Preferences - Remove |
com.oraclecloud.logginganalytics.removepreferences |
|
Preferences - Update |
com.oraclecloud.logginganalytics.updatepreferences |
|
Purge Storage Data - Begin |
com.oraclecloud.logginganalytics.purgestoragedata.begin |
|
Purge Storage Data - End |
com.oraclecloud.logginganalytics.purgestoragedata.end |
|
Recall Archived Data - Begin |
com.oraclecloud.logginganalytics.recallarchiveddata |
|
Recall Archived Data - End |
com.oraclecloud.logginganalytics.recallarchiveddata.end |
|
Release Recalled Data - Begin |
com.oraclecloud.logginganalytics.releaserecalleddata.begin |
|
Release Recalled Data - End |
com.oraclecloud.logginganalytics.releaserecalleddata.end |
|
Resource Categories - Remove |
com.oraclecloud.logginganalytics.removeresourcecategories |
|
Resource Categories - Update |
com.oraclecloud.logginganalytics.updateresourcecategories |
|
Set Unprocessed Data Bucket |
com.oraclecloud.logginganalytics.setunprocesseddatabucket |
|
Source - Delete |
com.oraclecloud.logginganalytics.deletesource |
|
Source - Upsert |
com.oraclecloud.logginganalytics.upsertsource |
|
Source Event Types - Add |
com.oraclecloud.logginganalytics.addsourceeventtypes |
|
Source Event Types - Disable |
com.oraclecloud.logginganalytics.disablesourceeventtypes |
|
Source Event Types - Enable |
com.oraclecloud.logginganalytics.enablesourceeventtypes |
|
Source Event Types - Remove |
com.oraclecloud.logginganalytics.removesourceeventtypes |
|
Upload - Delete |
com.oraclecloud.logginganalytics.deleteupload |
|
Upload Log Events File |
com.oraclecloud.logginganalytics.uploadlogeventsfile |
|
Upload Log File |
com.oraclecloud.logginganalytics.uploadlogfile |
|
Upload Log File - Delete |
com.oraclecloud.logginganalytics.deleteuploadfile |
|
Upload Warning - Delete |
com.oraclecloud.logginganalytics.deleteuploadwarning |
|
Warning - Suppress |
com.oraclecloud.logginganalytics.suppresswarning |
|
Warning - Unsuppress |
com.oraclecloud.logginganalytics.unsuppresswarning |
This is a reference event for Oracle Logging Analytics:
{
"eventType": "com.oraclecloud.logginganalytics.uploadlogeventsfile",
"cloudEventsVersion": "0.1",
"eventTypeVersion": "2.0",
"source": "LoggingAnalytics",
"eventTime": "2023-01-09T10:50:10Z",
"contentType": "application/json",
"data": {
"eventName": "example_event",
"compartmentId": "ocid1.compartment.oc1..unique_ID",
"compartmentName": "example_compartment",
"availabilityDomain": "availability_domain"
},
"eventID": "unique_ID",
"extensions": {
"compartmentId": "ocid1.compartment.oc1..unique_ID"
}
}Monitor Logging Analytics Using Service Metrics
Use the Oracle Cloud Infrastructure Monitoring service metrics to monitor Logging Analytics.
The service metrics are specific to your region and give you the visibility on the overall service performance. You can view these metrics in the service overview page and can also configure alarms using Oracle Cloud Infrastructure alarm features to get notifications when thresholds are crossed.
To access the service metrics for storage:
-
Open the navigation menu and click Observability & Management. Under Logging Analytics, click Administration. The Administration Overview page opens.
-
The administration resources are listed in the left hand navigation pane under Resources. Click Service Details.
To access the Processing Errors, Agent Data Upload Size, Agent Data Upload Errors, and Scheduled Task Execution Status metrics:
-
Open the navigation menu and click Observability & Management. Under Monitoring, click Service Metrics.
-
Select a Compartment you have permission to work in, for example,
root.The list of metric namespaces is updated for the selected compartment.
-
Select the Metric namespace
oci_logging_analytics.The metrics for Logging Analytics service are displayed.
The following metrics are available:
| Metrics Name | Unit | Interval | Description |
|---|---|---|---|
|
Active Storage Used |
GB |
1 Hour |
Size of the log data in active storage which is available for analysis. |
|
Archival Storage Used |
GB |
1 Hour |
Size of the log data in archive storage which is not in active use. |
|
Processing Errors |
Number |
1 Minute |
Count of errors while processing the log data across various collection methods. See Troubleshoot Ingestion Pipeline. |
|
Agent Data Upload Size |
Bytes |
1 Minute |
The size of log data collected through the Management Agent for each log source. See Monitor Your Continuous Log Collection. |
|
Agent Data Upload Errors |
Number |
1 Minute |
The count of errors occurred for each log source and the type of errors. See Monitor Your Continuous Log Collection. |
|
Scheduled Task Execution Status |
Number |
Saved search scheduled task has its own interval as specified in its task schedule |
Status of every scheduled task execution. See Monitor Your Saved Search Scheduled Tasks. |
Select the Metric namespace oci_logging_analytics and the right Compartment while viewing the metrics.
-
For Processing Errors metric, note that the value of Compartment must be selected based on your method of data ingestion. If you are collecting logs from the object storage bucket, then the value is the name of the compartment in which ObjectCollection rules are defined. For other methods of ingestion, it is the default root compartment.
-
For the metrics Agent Data Upload Size and Agent Data Upload Errors, select the agent compartment.
-
For the metric Scheduled Task Execution Status, select the compartment where the scheduled task is located.
For the actions that you can perform with each metric, see Actions for Service Metrics.
You can specify the following customizations to view the metrics:
- The time span for which the metric data must be displayed
- The time interval at which the data must be collated for display. Make sure to specify a value that's higher than the metric's collection interval.
- The statistical operation to perform on the data for displaying. You can select from Max, Min, Rate, Sum, Mean, Count, 50 Percentile, 90 Percentile, 95 Percentile, and 99 Percentile.
Actions for Service Metrics
In the Service Details page, you can view the various metrics for your service. Hover the cursor on the chart to get more information on each data point. Further, click the Options menu and select from any of the following actions:
-
View in Metric Explorer (View Query in Metrics Explorer for Processing Errors): You can view the metric in the Metric Explorer of the Monitoring service. In the Metrics Explorer, you can switch to the Data Table view for the collected data points, edit the queries used for generating the metrics, add a custom label to y-axis, or define the minimum and maximum values for y-axis.
-
Copy Chart URL: Copy the chart URL to use it in your other resources, applications, or for efficiency.
-
Copy Query (MQL): Copy the query used for generating the metrics and use it for customization in the Metrics Explorer.
-
Create an Alarm on this Query: You can set up an alarm which gets triggered each time the query is run and an error is detected.
For detailed steps to create an alarm in Monitoring service, see Managing Alarms in Oracle Cloud Infrastructure Documentation.
-
Table View: You can switch to the Table View for a tabular representation of the collected error data points.
For information on monitoring concepts and steps to access Monitoring service metrics, see Monitoring Overview in Oracle Cloud Infrastructure Documentation.