Configuring logs
Logs are the mechanism to reach the root cause of an issue. However, you can make them more meaningful by adding fields or extracting fields that are present inside the message field. Here are the ways in which you can configure logs and enable operators to be more effective:
- Field Extraction Policies: Enable you to extract the information available in the log message. You can use the extracted fields to better analyze and visualize logs.
- Enrichment Policies: Enable you to enhance logs with additional information and saves operator's time that they spend in fetching such information from various sources.
Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*