Uncategorised

Datadog Tutorials: Log Collection & configuration using Datadog Agent

September 14, 2023 Leave a Comment

How to enable Log collection in Datadog?

To enable log collection with an Agent running on your host, change logs_enabled: false to logs_enabled: true in the Agent’s main configuration file (datadog.yaml).

Custom Log Collection in Datadog

Datadog Agent v6 can collect logs and forward them to Datadog from files, the network (TCP or UDP), journald, and Windows channels:

  1. Create a new <CUSTOM_LOG_SOURCE>.d/ folder in the conf.d/ directory at the root of your Agent’s configuration directory.
  2. Create a new conf.yaml file in this new folder.
  3. Add a custom log collection configuration group with the parameters below.
  4. Restart your Agent to take into account this new configuration.
  5. Run the Agent’s status subcommand and look for <CUSTOM_LOG_SOURCE> under the Checks section.

Log Type in Datadog

Log Type: File

Log Type: TCP/UDP

Log Type: journald

Log Type: Windows Events

- Install the Datadog Agent

- Verify Datadog Agent Status and Look for "Logs Agent" which is not running.
$ sudo datadog-agent status

- Enable log collection
To enable log collection with the Agent, edit the datadog.yaml configuration file located at /etc/datadog-agent/datadog.yaml and set logs_enabled:true

- Monitor a custom file

$ sudo mkdir /etc/datadog-agent/conf.d/custom_log_collection.d/
$ sudo vi /etc/datadog-agent/conf.d/custom_log_collection.d/conf.yaml
logs:
    - type: file
      path: /var/log/syslog
      source: syslog
      service: syslog
$ sudo service datadog-agent restart

-  Validation. Verify 
$ sudo datadog-agent status
Datadog Agent Status and Look for "Logs Agent" which is running.
$ chmod -R 755 /var/log/
$ datadog-agent status
Rajesh Kumar
Follow me
Latest posts by Rajesh Kumar (see all)
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x