5. View Data

It is time to view the data in Dynatrace.

In Dynatrace:

• Press ctrl + k search for notebooks
• Add a new section for logs
• Search for Log line

Scroll right on the log line. Notice that Dynatrace natively understands syslog and has automatically mapped the fields to their human readable names.

These fields can be used to filter, group or parse log data further.

For example, the following query shows all log lines containing the text Log line split by the priority, hostname and proc_id fields:

fetch logs
| filter contains(content, "Log line")
| summarize logCount = count(), by:{priority, hostname, proc_id}
| sort logCount desc

Congratulations

You have succesfully ingested syslog data into Dynatrace.

This Observability lab is now complete.

• Click here to cleanup your environment