Ubuntu

  1. Ensure the Watchlog agent is installed. You can follow the Installation Guide.
  2. Open the watchlist configuration file:
    sudo nano /opt/watchlog/agent/src/log-watchlist.json
  3. Define the logs you want to monitor. For example:
    {
  "logs": [
    {
      "name": "Nginx Access Logs",
      "path": "/var/log/nginx/access.log",
      "service": "nginx",
      "format": "auto"
    },
    {
      "name": "Redis Logs",
      "path": "/var/log/redis/redis.log",
      "service": "redis",
      "format": "custom",
      "pattern": "^(\\d{2} \\w{3} \\d{2}:\\d{2}:\\d{2}) (\\w+): (.*)$"
    }
  ]
}
  4. Explanation of fields:
    • name: A friendly name for this log stream.
    • path: Full filesystem path to the log file.
    • service: The service name used for categorization.
    • format:
      • auto: Watchlist auto-detects common log formats.
      • custom: Use the pattern field to define a regular expression.
    • pattern: A regex with three capture groups for:
      1. Date/Time
      2. Log Level (e.g., INFO, ERROR, DEBUG)
      3. Message content.
  5. Save the file and reload the agent:
    sudo pm2 reload watchlog-agent
Last Updated::
Contributors: mohammad