The sample vRealize Log Insight Importer manifest files provide examples of parameter configurations.

The value of the directory key should be either relative to the source or absolute. The following example shows how to collect logs from files with a .log extension which reside two levels lower than the source directory and name of the last folder ends with the _log string.

[filelog|importer_test]
directory=*\*_log
include=*.log
event_marker=^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} [A-Z]{4} LOG

The following example shows how to collect all files with the extension .log from all sub-folders of the source directory including the source itself.

[filelog|sbimporter_test_channel]
directory = **
include = *.log
 

The following example shows how to collect logs from all files in the source directory (but not from sub-folders) except files that have an .ini extension. We interpret files as UTF-16LE encoded.

[filelog|quotes_channe3]
directory=
charset=UTF-16LE
exclude=*.ini
tags={"Provider" : "Apache"}

The following example shows how to collect logs from all files with the extension .log in the source directory (but not from sub-folders). The timestamp of events is parsed in the log file using the Common Log Format (CLF) parser and the extracted historical timestamp is applied. The log format parsed by the CLF parser is 2015-03-25 22:11:46,786 | DEBUG | pool-jetty-76 | AuthorizationMethodInterceptor | Authorizing method: public abstract.

[filelog|vcd-container-debug]
directory=
include=*.log
parser=vcd 

[parser|vcd]
base_parser=clf
format=%{%Y-%m-%d %H:%M:%S%f}t %M