Source logs not showing

Follow
Avatar
Alex Dahlman

Hey there. Still new to SumoLogic, so I apologize if I'm missing a step in my collection. 

 

I'm trying to collect data from a MacOSX application we run on our endpoints. I set up a local file for the collector, and it's reading the system logs fine, however it's not collecting this one application log. Here is a snippet of the json. 

"sources":[{

    "name":"anka/logs",

    "category":"anka",

    "hostName":"dahlman-mac",

    "automaticDateParsing":true,

    "multilineProcessingEnabled":true,

    "useAutolineMatching":true,

    "forceTimeZone":false,

    "filters":[],

    "cutoffTimestamp":0,

    "encoding":"UTF-8",

    "pathExpression":"/Library/Logs/Anka/anka.log",

    "blacklist":[],

    "sourceType":"LocalFile"

 

When trying to query the logs, it just shows up blank, and doesn't show up as a source when we _collector="". Am I missing a piece of information to make this work? 

 

Thanks.

1

Comments

1 comment

Sort by Date Votes
  • Avatar
    Barry Bisson

    Alex, I reached out to you directly via email.   I suspect this is a file system permission issue, but we would need to delve a bit deeper.

    0
    Comment actions Permalink

Please sign in to leave a comment.

Didn't find what you were looking for?

New post