Adding Data to the XpoLog Platform
Log files can be loaded into the XpoLog servers from the following types of data sources:
- Any Textual files in any format
- Windows Event Logs
- Syslog
- Database tables
The XpoLog server can read log files into XpoLog from the following types of servers:
- Direct access (Local or Remote) - XpoLog can access a local log file, i.e. a log file that resides on the same server as XpoLog, and read it into XpoLog. XpoLog can also access a log file on a remote server to which it has been provided direct access (i.e. the server has a service account that enables remote access to these servers), if XpoLog is provided with the UNC path (\\hostname\dirname) to the log files on the remote server or on UNIX based machines direct access to mounted directories.
- SSH (Secured shell) - XpoLog can access a log file on remote servers over SSH agent-less, provided that XpoLog has an account with a username and password or private/public key for connecting to the SSH server on which the log files reside. Usually used for connecting to Unix servers (Linux systems).
- Windows Network - XpoLog can access a server in a Windows Network, provided that XpoLog has an account with a username and password for connecting to the Windows server on which the log files reside and XpoLog is installed on a server that runs on Windows.
- Hadoop HDFS - XpoLog contains an integration to Hadoop HDFS and can access logs which reside on the Hadoop environment
- Google App Engine - XpoLog contains integration to Google App Engine and can access logs from applications that run on the Google App Engine cloud
- Amazon Web Services (AWS) - XpoLog contains integration to Amazon Web Services (AWS) and can access machines which are hosted on the Amazon cloud
- Database - XpoLog can connect to any Database which supports JDBC connectivity to add database tables as logs in XpoLog
- Windows Events - XpoLog support Windows Event logs (evt, evtx) which can be added from remote servers in the Windows environment
- Remote XpoLog - XpoLog can communicate over HTTP/S with other XpoLog instances in the environment to collect data from multiple XpoLog instances into a centralized viewer
- Local XpoLog - In case there is a need to filter specific data from existing Log, XpoLog can collect logs from its local data repository.
- Merge XpoLog - Any log in XpoLog system (regardless of its source location) can be merged to a unified view with other logs, all data will be presented in a single view sorted chronologically
- Listeners - XpoLog also functions as a Syslog server, it can use UPD or TCP to receive events from sources/devices which send Syslog message
Note: XpoLog requires Read permission for any log that it reads, regardless of the source of the log file.
While the logs are being copied into the XpoLog server's repository, XpoLog indexes the log files and performs on them Analytics. It saves the data, index and analysis of the log files in XpoLog make them available for searching, analysis and visualization. It is possible to define a storage policy on each log to determine the time XpoLog should keep its data available.
See Adding a Log to XpoLog for detailed instructions on how to add a single log file to XpoLog, or Adding a Logs Directory to XpoLog for detailed instructions on how to to add a directory of log files to XpoLog.