Sumo Logic uses a fingerprint mechanism to track the position of the last message ingested from a file. Sumo Logic identifies new files based on a fingerprint of a file which is actually based on the first 2K bytes of a file. The fingerprint needs to be unique with the file names.
This fingerprint gets stored under the path: <Sumo_home>/config/blades directory.
You will see the hexadecimal blade.json file that represents the unique source under the configured collector on the server that has this information stored.
For example:
Sample Blade.json:
{
"blacklist": "",
"blade.id": 137202106,
"blade.name": "IIS_Logs",
"blade.sourceCategory": "",
"blade.sourceHostName": "",
"blade.type": "LocalFile",
"encoding": "UTF-8",
"files": [{
"completed": false,
"fingerPrint": "0484047c4969c961a53c04347362aabd",
"fpBytesUsed": 2048,
"isInTraining": true,
"name": "/Users/rahul/Downloads/44802/iis_logs.txt",
"pointer": 30140,
"trainedPrefix": ""
}
Comments
0 comments
Please sign in to leave a comment.