Configuring the Logging agent to include or exclude files
You can configure the Logging agent to include or exclude files that the agent monitors.
Complete the following steps to deploy an agent to a supported Windows system.
Configure the Tail plugin
-
Create the input plug-in configuration file
input-tail.conf
inC:\Program Files\logs-agent\etc
. -
Add the INPUT section.
Set the Path with the directories and files that you want to monitor.
Set the Exclude_Path with the directories and files that you want to exclude from monitoring.
[INPUT] Name tail Tag * Path C:\logs\*.log Path_Key file Exclude_Path C:\logs\audit.log DB C:\logs\fluent-bit.DB Buffer_Chunk_Size 32KB Buffer_Max_Size 256KB Skip_Long_Lines On Refresh_Interval 10
-
Save the configuration file.
Modify the fluentbit configuration
Modify the C:\Program Files\logs-agent\etc\fluent-bit.conf
file to include the reference to the C:\Program Files\logs-agent\etc\input-windows-event-log.conf
.
@INCLUDE C:\Program Files\logs-agent\etc\input-windows-event-log.conf
The main configuration file C:\Program Files\logs-agent\etc\fluent-bit.conf
imports other files with the tag @INCLUDE <path_to_file>
.
Restart the agent
Restart the agent to apply the changes.
sc.exe stop fluent-bit && sc.exe start fluent-bit
Verify logs are being delivered to your target destination
Complete the following steps:
-
When your agent is correctly configured, you can see logs through the default dashboard view.