Custom Patterns for Log Parsing

• How to edit custom pattern?
• How to delete custom pattern?
• How to assign a log type to another log type?
• How to add Open Attribute?
• How to edit, delete Open Attribute?
• How to mark custom pattern as identity rule for the respective user defined log type?
• All Patterns

How to edit custom pattern?

Edit/ Del menu will take you to the Custom Pattern Details page, where all the patterns created are listed.

The field name can be edited. When mouse is hovered on the filed name Edit icon will be visible.

1. Use the Field Edit icon to edit the field name

The display name of the Log Type can be edited.

2. Use the Log Type Edit icon to edit the log type name

How to delete custom pattern?

When mouse is hovered on the filed name or pattern Delete icon will be visible.

1. Clicking the Log Type Delete icon will delete the new log type. Deleting the log type will delete the parser rule for the particular log type.

2. Clicking the Filed Delete icon will delete the new field.

3. Clicking the Pattern Delete icon will delete the new pattern.

How to assign a log type to another log type?

A log type can be assigned to another log type. In this case, the parser rules of the actual log type will not be shown, applied and the parser rules of the assigned log type will be shown and applied. The procedure to assign log type is shown in the screen shots below.

How to add Open Attribute?

If there is no open attribute added for the new field, you can add it here. The procedure to add open attribure is shown below in the screen shot.

How to edit, delete Open Attribute?

How to mark custom pattern as identity rule for the respective user defined log type?

The custom pattern (parser rule) can be marked and unmarked as Identity rule for that user defined log type. Multiple custom patterns can be marked as Identity rules for a particular user defined log type. If no identity pattern defined for the user defined log type, the message 'No Identity Pattern(s) available for this Log Type. Please mark atleast one pattern as Identity Pattern.' appears on the Custom Pattern Details screen. If you hover on the Pattern field, menu options '* Mark as Identity Rule' and 'Delete icon' will appear. Use the '* Mark as Identity Rule' menu option to mark the pattern as identity rule this user defined log type.

All Patterns

In the Custom Pattern Details page, all the patterns created are displayed with log type, criteria on which the pattern should be applied, filed name with edit and delete option, and the pattern with delete option.