Version:

Routing Policies

Routing Policies allow you to selectively direct the incoming logs into different repos in the system. You can perform routing by key-value match or key-present criteria.

../_images/LP_Config_RP_List.png

Routing Policies

Adding a Routing Policy

  1. Go to Settings >> Configuration from the navigation bar and click Routing Policies.

../_images/LP_Config_RP_List_Add.png

Routing Policies

  1. Click Add Policy.

../_images/LP_Config_RP_Add_KeyPresent.png

Add Policy panel

  1. Provide the Policy Name for the routing policy.

  2. Choose a repo from the Catch All drop-down menu. If an incoming log does not match any routing criteria, it gets stored in the Catch All repo.

  3. Select the Type from the drop-down menu. The type can either be KeyPresent or KeyPresentValueMatches.

  1. If you select KeyPresent, provide a Key. In this case, LogPoint applies the routing criteria to all the log messages containing the specified key.

  2. If you select KeyPresentValueMatches, enter a Key and a Value. In this case, LogPoint applies the routing criteria to all the log messages conforming with the provided Key-Value match.

Note

The Key for both the KeyPresent and the KeyPresentValueMatches types must be a normalized field name of the log message.

  1. Choose an Operation:

    • Store raw message: LogPoint stores both the raw message and the normalized data in the target repository.

    • Discard raw message: LogPoint discards the raw message and stores the normalized data.

    • Discard entire event: LogPoint discards both the raw message and the normalized data.

  2. Select the target Repository from the drop-down menu for the Routing Criteria.

  3. Click Add.

    Once you add a criterion, it is listed in the table below the Routing Criteria section. The priority of the routing criteria can be changed by clicking the up and down arrows in the Actions column.

  4. Click Submit.

Note

  • Click the ? icon near the top-right corner to get help on the inputs.

  • You cannot specify routing specifications for the repo _logpoint.

  • You can find the _LogPointAlerts routing policy by default in LogPoint. It routes the log messages with norm_id as LogPointAlerts to the _LogPointAlerts repo. Otherwise, it forwards them to the default repo.

If an incoming log message matches any of the configured routing criteria, it is either forwarded to the target repository, or dropped as per the configurations.

Editing a Routing Policy

  1. Go to Settings >> Configuration from the navigation bar and click Routing Policies.

  2. Click the Name of the required routing policy.

../_images/LP_Config_RP_List_Edit.png

Routing Policies

  1. Update the information.

  2. Click Submit.

Deleting Routing Policies

  1. Go to Settings >> Configuration from the navigation bar and click Routing Policies.

  2. Click the Delete icon under the Actions column of the policy.

    ../_images/LP_Config_RP_List_Delete.png

    Routing Policies

    1. To delete multiple routing policies, select the policies. Click the More drop-down menu and choose Delete Selected.

    ../_images/LP_Config_RP_List_DeleteSelected.png

    Routing Policies

    1. To delete all the routing policies, click the More drop-down menu and choose Delete All.

    ../_images/LP_Config_RP_List_DeleteAll.png

    Routing Policies

  3. A delete confirmation dialog box appears on the screen. Click Yes to proceed.

Helpful?

We are glad this guide helped.


Please don't include any personal information in your comment

Contact Support