This topic describes how to use Logtail to collect the logs of an Alibaba Cloud Elastic Compute Service (ECS) instance in full regex mode. This topic also describes how to query and analyze the collected logs.
Prerequisites
- An ECS instance is available. For more information, see ECS quick start.
- Logs are available on the ECS instance.
Background information
127.0.0.1 - - [10/Jun/2022:12:36:49 +0800] "GET /index.html HTTP/1.1" 200 612 "-"
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/537.36 (KHTML, like Gecko)
Chrome/68.0.3440.106 Safari/537.36"
. In this example, the full regex mode is used to collect logs based on the sample
log. For more information, see Collect logs in full regex mode.
Step 1: Activate Log Service
Step 2: Create a project and a Logstore
Step 3: Collect logs
After the Logstore is created, you are prompted to collect data.
Step 4: Query and analyze logs
After you configure indexes, you can query and analyze logs.
FAQ
- Am I charged if I only create projects and Logstores?
Log Service provides shards that can be used to read and write data. By default, shard resources are reserved when you create a Logstore. You are charged for active shards. For more information, see Why am I charged for active shards?
- What do I do if logs fail to be collected?
When you use Logtail to collect logs, a failure may occur due to Logtail heartbeat failures, collection errors, or invalid Logtail configurations. For more information, see What do I do if errors occur when I use Logtail to collect logs?
- What do I do if I can query logs but cannot analyze logs on the query and analysis
page of a Logstore?
If you want to analyze logs, you must configure indexes for log fields and turn on the switches in the Enable Analytics column. For more information, see Configure indexes.