For the log management systems, it could take a few minutes to parse the logs and make them significant after they're captured from the sources. So we need to be sure if the logs are coming to Logsign before the parse processes. Therefore Logsign provides a feature to its users to check if the logs are being forwarded to it or not.
Doesn't matter if the source is integrated to Logsign or not, it provides a real time control screen whether the logs are coming to Logsign IP address. The logs are visualized as their unparsed states.
It helps us both for analyzing the unprocessed logs and checking the log forwarding state of the source. Also it could help us to get an unparsed log sample of the source.
NOTE: If you have a source that we haven't a plug-in for it, you can also export a sample of these generic (unprocessed and unparsed) logs. So that we can work on these logs and make them significant for you to create reports, dashboards and alerts in your system with them.
You can follow the steps below to use this feature.
1- First you need to open the menu of Settings > Data Input > Log Capture Tool.
2- In the window that will open, you can insert the IP address of the source from which you have forwarded the logs to Logsign. And then you'll need to click on Start button.
3- If the inserted IP address is correct and there's no connection problem between the source and Logsign, the logs will start to flow as you can see below.
After the logs started to flow, you can click on Pause button to pause it. And then you can export the logs to a file that's named as Sample.txt by clicking on Export button. After your check or export process finished, you can stop the log flow by clicking on Stop button.