Use this page in the wizard to further customize the way the data is filtered and captured. Note: The options available to you depend on the type of monitoring policy you create or edit.
Select data capturing type
Select how the data can be captured for monitoring.
-
Index server: Index the data in the index server based on the criteria defined in the policy. You can perform searches on the data using the monitoring application.
-
Event Raiser: Monitor the logs based on the criteria defined by the user, and then create an event in the Event Viewer. The software automatically creates an alert with the name Event Raiser Alert for Monitoring Policy [MonitoringPolicyName]. To receive any email alert notifications, you must enable the alert. For instructions, see Enabling or Disabling Alerts.
Select Index Server
Lists the Index Servers that you configured for monitoring. The Index Server is configured during the setup of the Log Monitoring or System Monitoring application and is used to index the data that is defined in the monitoring policy.
Age Analytics data after n days
When selected, you can specify the number of days that you want to retain the content indexed data and use it for analysis. The data that is older than the specified number of days will be aged and pruned. However, you can archive the aged data and re-index the aged data based on your requirement. For information on archiving the aged data, see Archiving Aged Analytics Data in Log Monitoring.
Use Cloud Policy
When selected, the Index Server defined in the cloud monitoring policy you choose indexes the data captured by the current monitoring policy. Cloud policies appear in the Use Cloud Policy list after they are configured in Control Panel > Cloud Policy Configuration. For information on configuring cloud policies, see Configuring a Cloud Policy for Log Monitoring.
Capture log file header (Top n lines in log file)
When selected, the log file header is captured. The number of lines that make up the log header is defined in the monitoring policy template in the Number of lines in log file header box.
Skip files with modification time older than n days
This option appears for all policies other than the policies created for monitoring Windows events. When selected, log files that did not change in seven or more days are skipped. You can change the number of days.
Skip events older than n days
This option appears only for the policies created for monitoring Windows events. When selected, Windows events that took place seven or more days ago are skipped. You can change the number of days.
Index only future data (ignore existing data)
When selected, the log data that was generated before the monitoring policy creation is excluded from the monitoring process. When the policy runs for the first time, only the meta data information (such as current line number, offset, and file unique ID) is collected.
When not selected, the policy monitors the old log data based on the specified monitoring criteria.
Automatically discover fields (Available for Text Log Files monitoring policies)
When selected, log files containing key value pairs separated by the following delimiters are automatically added to the facet list in the Log Monitoring application:
-
= (equal sign)
-
[ ] (brackets)
-
( ) (parentheses)
Location detection
Select this option to render data for geospatial charts.
Enable Archive
Select this option to back up and archive aged analytics data using a OnePass subclient. This option must be selected when creating a monitoring policy using Mifid template.
-
Select OnePass subclient
The OnePass subclient that backs up and archives aged analytics data. The OnePass subclient must be on the Index Store client assigned to the Index Server. The analytics data is aged based on the Age Analytics data after n days check box. For information on archiving the aged data, see Archiving Aged Analytics Data in Log Monitoring.
-
Storage policy for archive subclient (Available when Create New is clicked from the Select OnePass subclient list)
The storage policy to use for the OnePass subclient.
-
Subclient path location (Available when Create New is clicked from the Select OnePass subclient list)
The location for the docList.xml and numberOfDocs.txt files. For information on these files, see Archiving Aged Analytics Data in Log Monitoring.