Working with logs

BMC Helix Logging uses Elasticsearch, Fluent Bit, and Kibana (EFK) to collect, store, and view your log data:

  • Elasticsearch: A search engine also used to store and analyze logs.
  • Fluent Bit: A data collector that gathers logs from the application nodes and sends them to Elasticsearch.
  • Kibana: A web user interface used for data visualization and an exploration tool for logs.

All installation logs are available in the helix-on-prem-deployment-manager/logs directory.

Related topic

Troubleshooting-EFK-logging-issues

To configure Kibana

  1. Create data views
  2. Refine the search
  3. Export the logs to a CSV file
    If you have any issues, send the CSV file to BMC Support.

To create data views

  1. From the config/infra.config file, obtain the URL to access the Kibana UI.
    For example: https://kibana.apexglobal.bmc.com
  2. On the Kibana login screen:
    1. Enter elastic as the default user name.
    2. Enter the Kibana password that is added in the commons/certs/secrets.txt file.
    3. Click Log In.
  3. At the top left corner, click 23.1.02_FlentBit_Hamburger.png.
  4. Scroll down the left pane, in the Management area, click Stack Management.
    23.1.02_FlentBit_StackMaangement.png
  5. In the Kibana area, click Data Views.
    23.1.02_FlentBit_DataViews.png
  6. Click Create data view.
  7. On the Create data view console, in the Name box, add a name for the data view, beginning with log*.
    23.1.02_FlentBit_CreateDataView.png
    All Fluent Bit logs start with the word logstash.
  8. Click Create data view.

To refine the search

  1. On the Kibana home page, click 23.1.02_FlentBit_Hamburger.png.
  2. In the Analytics area, click Discover.
  3. Use the filters to refine your search, and then click Refresh query.
    23.1.02_FlentBit_FiltersRefreshQuery.png
  1. Save your search.


To export logs to a csv file

  1. On the Kibana home page, click 23.1.02_FlentBit_Hamburger.png.
  2. In the Analytics area, click Discover.
  3. Use the filter to refine your search, and then click Refresh query.
    23.1.02_FlentBit_FiltersRefreshQuery.png

  4. Save your search.
  5. Select Share > CSV Reports.
    23.1.02_FlentBit_CSVReport.png
  6. Click Generate CSV.
    The system displays a similar message:
    23.1.02_FlentBit_Message1.png
  7. When prompted, click Download report and save the report.
    23.1.02_FlentBit_Message2.png


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*