Tutorial Feedback

Use the form below to provide feedback on this page / tutorial as a whole.

Skip to content

5. View Data

It is time to view the data in Dynatrace.

In Dynatrace:

  • Press ctrl + k search for notebooks
  • Add a new section for logs
  • Search for:
fetch logs
| filter matchesPhrase(content, "Log line")

dynatrace notebook syslog

Scroll to the right on the log line. Notice that Dynatrace natively understands syslog and has automatically mapped the fields to their human readable names.

dynatrace syslog mapping

These fields can be used to filter, group or parse log data further.

For example, the following query shows all log lines containing the text Log line split by the priority, hostname and proc_id fields:

fetch logs
| filter contains(content, "Log line")
| summarize logCount = count(), by:{priority, hostname, proc_id}
| sort logCount desc

syslog split by fields

Congratulations#

You have succesfully ingested syslog data into Dynatrace.

This Observability lab is now complete.