Administer > Policies > Structured Log File Policies > How to Collect Event Data from Structured Log Files

How to Collect Event Data from Structured Log Files

This task describes how to collect event data from structured log files.

  1. Prerequisite: Make sure the following applies:

    1. Your Operations Connector is configured to work with OMi by using the bsmc-conf tool.

    2. The certificate request is approved on the OMi side.

    3. Your Operations Connector is set up as a connected server in OMi.

  2. In the Operations Connector user interface, click Create in the toolbar. Then click Event > Log file Structured Log File.

    Alternatively, double-click an existing policy to edit it.

  3. In the Properties page, define information that is related to the policy itself (for example, the name and description of the policy).

  4. In the Source page, define the structure pattern of the log file by using the OM pattern-matching language.

  5. In the Mappings page, map the structured log file's input data properties to custom variables.

  6. Optional. In the Defaults page, configure the default settings for all events generated by the policy (for example, default event correlation settings).

  7. In the Rules page, define what the policy should do in response to a specific type of event.

  8. In the Options page, configure several policy behaviors (for example, pattern matching options).

  9. Click Save and Close to save the policy and close the editor.

  10. Optional. If the list of policies does not refresh automatically in the Operations Connector user interface, click Refresh in the toolbar.

Related topics

Configuring Structured Log File Policy Properties

Configuring Data Source in Structured Log File Policies

Configuring Mappings in Structured Log File Policies (Event and Metrics Only)

Configuring Event Defaults in Structured Log File Policies

Configuring Event Rules in Structured Log File Policies

Configuring Options in Structured Log File Policies