Log Monitoring in Watchlog

Learn how to set up Watchlog Agent and configure your logs for monitoring.

Step 1: Install the Watchlog Agent

Before you can monitor your logs, you need to install the Watchlog Agent on your server. Follow the installation guide here:

Install Watchlog Agent

Step 2: Configure Log Monitoring

Once the agent is installed, navigate to its directory and edit the configuration file to specify which logs you want to monitor. 

# Open the log-agent.js file for editing
nano /opt/watchlog/agent/src/app/log-agent.js

Inside log-agent.js, define the log files you want to monitor: 

const logs = [
  {
    name: "Nginx Access Logs",
    path: "/var/log/nginx/access.log",
    service: "nginx",
    format: "auto"
  },
  {
    name: "Redis Logs",
    path: "/var/log/redis/redis.log",
    service: "redis",
    format: "custom",
    pattern: "^(\\d{2} \\w{3} \\d{2}:\\d{2}:\\d{2}) (\\w+): (.*)$"
  }
];

Understanding format and pattern

The format field defines how the log file should be processed:

  • auto: Watchlog automatically detects the format (recommended for common services like Nginx, Redis, Docker, etc.).
  • custom: You need to provide a specific pattern (regular expression) to parse the logs.

If you set format to custom, you must define a pattern. The pattern should be a **valid regex** that extracts:

  • The **timestamp** of the log.
  • The **log level** (e.g., INFO, ERROR, WARNING).
  • The **message content**.

For example, the regex: 

"^(\\d{2} \\w{3} \\d{2}:\\d{2}:\\d{2}) (\\w+): (.*)$"

Will extract: 

"08 Mar 13:45:10 INFO: Server started"

Into:

  • date: 08 Mar 13:45:10
  • level: INFO
  • message: Server started

Step 3: Log Levels and Filtering

In Watchlog, each log has a **level**, which helps categorize messages. The supported levels are:

  • INFO (Blue): General information.
  • WARNING (Yellow): Potential issues.
  • ERROR (Red): Critical errors.
  • SUCCESS (Green): Successful events.

You can filter logs based on their level in the Watchlog dashboard.

Step 4: Searching and Filtering Logs

Watchlog allows you to **search logs in real-time** and apply filters.

  • 🔍 Search logs by **keywords**.
  • 📅 Filter logs by **time range**.
  • ⚠️ Filter logs by **level** (INFO, WARNING, ERROR, SUCCESS).

You can access the logs in the **Log Monitoring** section of the Watchlog dashboard. 

http://app.watchlog.io/logs