Source Groups
Navigation Notice: When the APM Integrated Experience is enabled, Loggly shares a common navigation and enhanced feature set with other integrated experience products. How you navigate Loggly and access its features may vary from these instructions.
Source Groups allow you to limit your searches to specific groups of related logs. You can limit your search based on the development environments you monitor, the clients you support, or the applications you own.
You can create an unlimited number of source groups to search log data from a combination of host names, application names, or custom Tags. Hosts, applications, and tags are available in Linux Syslog logs. Tags are also located in logs sent through an HTTP/S Event Endpoint.
Configure a source group
Setup Source Group
Open the Source Groups page using one of the following methods:
-
In the navigation menu, click Source Setup > Source Groups. Click Add New.
-
In the Search or Charts pages, click the source group drop-down menu and select Create Source Groups.
Define Source Group
-
Enter a name and description for your source group in the Add Source Group page.
-
Enter the Syslog Host, HTTP Client Host, Syslog Application, or Tag information in the corresponding field to define the sources you would like to include in your source group. You can add multiple values to a single field, which allows all sources defined in that source type's field to be included. You can also define source values in more than one field, which limits the sources to only those that fit both source type definitions.
For example, if you build a source group with
httpd
in the Application box andfrontend01
andfrontend02
in the Syslog Host box, a search using the source group would only show you only httpd logs from both frontend01 and frontend02. The equivalent query for this issyslog.appName:httpd AND (syslog.host:frontend01 OR syslog.host:frontend02)
. -
Click Save.
Source groups, once configured, are available to all users in your account. If you select a source group during a search, the search results will be restricted to the logs from the selected source group. Only one source group can be applied per search query.