Any recommendations for best practices?

(Charles Wise) #1

I’m curious what others have decided on as best practices for their log capture. For example:

‘type’ -
application_log for log entries from apps
access_log for http access entries
windows_event_log for windows event log entries
‘application’ -
set to the name of an application for their application logs and access logs
‘loglevel’ -
normalized into uppercase and one of ‘debug’, ‘info’, ‘warning’ or ‘error’ (no severe, fatal, etc.)
‘original_message’ -
set to the original log message before manipulating it with pipeline rules

I’m curious what others have settled on as their own best practices.

(system) closed #2

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.