Collecting logs


To analyze logs and find the root cause of an issue, start by collecting logs in BMC Helix Log Analytics. Here is an overview of the log collection process:

[Figure: Collection process]

To collect logs:

  • Download and install connectors: Download a connector and install it on the host from which you want to collect logs. The connector collects data from the host and sends it to BMC Helix Log Analytics. For more information, see Installing and managing connectors.
  • Parsing rule: Create a parsing rule in which you define the format and configurations to parse the incoming logs. For more information, see Creating a parsing rule.
  • Filtering rule: Create a filtering rule in which you specify the logs you want to filter or exclude. Filtering helps you manage the storage of your tenant. For more information, see Creating a filtering rule.
    For file type logs, you can use a filtering rule to filter logs before parsing them. By doing this, you can boost system performance by limiting the number of file type logs that are parsed and further processed. For more information, see Collecting application logs.
  • Collection policy: Create a collection policy, which acts as the collection engine where you enter all the configurations that you created for log collection and any additional log source-related configurations. For more information, see Creating collection policies.

The following video (3:37) gives an overview of the log collection process in BMC Helix Log Analytics.



For more information, see Collecting application logs. Application logs use Files as the collection type.

You can also use the open source collectors Filebeat and Logstash to collect logs. However, you need to manage all the connectors, because this is not supported in the BMC Helix Log Analytics connector framework. For more information, see Collecting logs by using the command line interface.

 
