LM Logs offers a unique and unified approach to log analysis centered on algorithmic root-cause analysis. LM Logs analyzes log events to identify normal patterns and deviations from these patterns, which it reports as anomalies. These log anomaly events are displayed on the Logs page and in context with metric alerts to help speed investigation.
We currently support sending log data to LogicMonitor via the LM Logs Ingestion API. You can send custom logs directly to the ingestion endpoint or use one of our provided integrations:
- An Amazon Web Services (AWS) integration for logs stored in Amazon CloudWatch. See Setting up CloudWatch Logs Ingestion.
- A Microsoft Azure integration for Azure device logs. See Setting up Azure Logs Ingestion.
- A Google Cloud Platform (GCP) integration for application logs. See Setting up GCP Logs Ingestion.
- A Fluentd output plugin for sending Fluentd records. See Setting up Fluentd Logs Ingestion.
- LogicMonitor’s Kubernetes integration has a Helm chart configuration for LM Logs. See Setting up Kubernetes Logs Ingestion.
- The LogicMonitor Collector supports forwarding Syslog log messages to LM Logs. See Collecting and Forwarding Syslog Logs.
For information on how to send custom logs directly to the log ingestion endpoint, see Sending Logs to the LM Logs Ingestion API.
Note: When setting up logs ingestion, we recommend that you use the available filtering options to remove logs that contain sensitive information so that they are not sent to LogicMonitor.
Once logs are sent to LogicMonitor, they are mapped to existing monitored resources based on the information sent to the API. Anomalies are detected automatically and displayed on the Logs page and as context for the metric alerts on these resources. See Reviewing Logs and Log Anomalies.
If you are having issues setting up log ingestion or reviewing logs, check the Troubleshooting guide for common issues. You can also find troubleshooting help for a specific integration in its setup article listed under Getting Started.