SolarWinds.com Blog Contact Us
LOG MANAGEMENT AND ANALYTICS
INFRASTRUCTURE MONITORING
APPLICATION MONITORING
DIGITAL EXPERIENCE

Get unified visibility and intelligent insights with SolarWinds Observability SaaS

LEARN MORE

Log Management and Analytics

Explore the full capabilities of Log Management and Analytics powered by SolarWinds Loggly

View Product Info

FEATURES

Proactive Log MonitoringTroubleshooting and Diagnostics with LogsSecurity and ComplianceLog Analysis and ReportingDevOps IntegrationsLoggly for Enterprise ScaleDevOps Products

Infrastructure Monitoring Powered by SolarWinds AppOptics

Instant visibility into servers, virtual hosts, and containerized environments

View Infrastructure Monitoring Info

Application Performance Monitoring Powered by SolarWinds AppOptics

Comprehensive, full-stack visibility, and troubleshooting

View Application Performance Monitoring Info

Digital Experience Monitoring Powered by SolarWinds Pingdom

Make your websites faster and more reliable with easy-to-use web performance and digital experience monitoring

View Digital Experience Monitoring Info

SUPPORTED LOG SOURCES

Android Docker Nginx Linux Apache .NET Python PHP Syslog AWS CloudTrail Heroku Tomcat Syslog endpoint DigitalOcean IIS Kubernetes MySQL Docker Network devices and routers Windows system logs Java Node.js Javascript
View All Supported Log Sources

Technical Resources

Using Loggly Product Documentation API Loggly Library Catalog Sending Logs to Loggly Ultimate Guide to Logging Troubleshooting

Educational Resources

Videos & Webinars Infographics Whitepapers Case Studies Use Cases

APM Integrated Experience

Datasheet Infographic Video: Failed Transaction Check SolarWinds vs Dynatrace SolarWinds vs Datadog SolarWinds vs AppDynamics SolarWinds vs New Relic

Connect with Us

System Status Support Request Blog COVID-19 Resource Center

Blog Product news

Customized Parsing New Features: Derived Fields and Derived Tags

By Sven Dummer 19 Oct 2015

With Loggly, the most common types of logs are automatically parsed and broken down into fields and values. This works out-of-the-box with log files from e.g. Apache, Nginx, data that is formatted in JSON, and many other log types. But what if you have log data in a custom format unknown to Loggly? What if you want to further parse entries in one of the known formats, for example to extract a host name or a session ID from a field that also contains other information?

This is where Derived Fields come into the game. They now allow you to define custom rules through which Loggly will parse your data and break it into fields. These will then automatically be cataloged through Loggly Dynamic Field Explorer™ for easy, one-click summaries and analysis, and also allow for easier information extraction, better dashboards, and more efficient alerts.

There are three main rule types: Key-Value (defines characters as separators and delimiters, like “=”), Anchor (defines strings that precede and follow the field), and RegEx (for anything that can be matched by a regular expression).

A new fourth rule, Insert Tag, will allow you to do just that—insert custom tags based on defined conditions, so you can enrich your logs with useful information, for example to mark error messages of different types and formats as “ERR”. Needless to say, you then can make use of this new tag for all your analysis and also define alerts based on it.

Key-Value pairs
Entering custom key-value separators and delimiters.

Inserted tags and all Derived Fields are added as extra metadata to your original logs, and will not modify the original data. The rules will be applied to all your incoming log data after Loggly ingests it.

Rules can be named and tested before final activation.

Custom parsing rules
Defining custom parsing rules.

Try It for Yourself

If you’re in a free trial now or have a Pro or Enterprise account, you can use Derived Fields right away. See the documentation for how to get started and for all the details. Users on a Lite or Standard plan will need to upgrade to Pro to take advantage of these new features. Pro plans start at $99 per month (with an annual commitment).

Not using Loggly yet? Sign up for a 14-day free trial and check out both of these new features. You get full access to the Loggly Pro plan feature set with all Loggly free trials.

The Loggly and SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.
Sven Dummer

Sven Dummer

Latest Posts

Categories

Related blog posts