sentry-logger-create
Creates a logger on a remote sentry.
Command properties
| Property | Description |
|---|---|
| Command type | Transforming |
| Required permission | Administrator |
| License usage | N/A |
| Parallel execution | Supported |
| Distributed execution | Not supported |
Syntax
Options
timeout=INT- RPC timeout in seconds. Accepts a value between 1 and 600. (Default:
30)
Input fields
| Field | Type | Required | Description |
|---|---|---|---|
guid | string | Required | Sentry unique identifier. |
factory_name | string | Required | Logger factory name. |
name | string | Required | Name of the logger to create. |
description | string | Optional | Logger description. |
configs | object | Required | Logger configuration. All keys and values must be strings. |
table_name | string | Optional | Name of the table where collected data will be stored. If not specified, the logger is used as a streaming-only logger. |
host_tag | string | Optional | Host tag (value tagged to the _host field). Defaults to the guid value if not specified. |
Output fields
All fields of the input record are preserved. If an error occurs, the following field is added:
| Field | Type | Description |
|---|---|---|
_error | string | Error message added to the original record if an error occurs. |
Possible values for the _error field:
| Error message | Description |
|---|---|
guid is null | The guid field value in the input record is null. |
guid should be string | The guid field value in the input record is not a string. |
guid should be non empty string | The guid field value in the input record is an empty string. |
not connected | The specified sentry is not connected. |
name should be not null | The name field value in the input record is null. |
name should be string | The name field value in the input record is not a string. |
name should be non empty string | The name field value in the input record is an empty string. |
factory_name should be not null | The factory_name field value in the input record is null. |
factory_name should be string | The factory_name field value in the input record is not a string. |
factory_name should be non empty string | The factory_name field value in the input record is an empty string. |
unsupported factory_name: {factory_name} | No logger factory exists for the specified factory_name. |
configs should be not null | The configs field value in the input record is null. |
configs should be dict type | The configs field value in the input record is not an object type. |
all values of configs should be string type | A value in the configs object is not a string. |
missing config key: {key} | A required configuration key for factory_name is missing. |
table_name should be non empty string | The table_name field value in the input record is an empty string. |
host_tag should be non empty string | The host_tag field value in the input record is an empty string. |
timeout | The RPC response did not arrive within the timeout period. |
disconnected | The sentry connection was lost during the RPC call or while waiting for logger registration. |
Exception messages from sentry-side processing may also appear.
Error codes
Parsing errors
| Error code | Message | Description |
|---|---|---|
| 23100 | No permission to call sentry RPC. | The user does not have administrator privileges. |
| 23101 | Invalid sentry RPC timeout option value. Use a value between 1 and 600. | The timeout value is not an integer or is outside the range 1–600. |
Runtime errors
N/A
Description
The sentry-logger-create command identifies a sentry by the guid field of the input record and executes the remote RPC call createLogger with the factory_name, name, description, and configs fields as arguments to create a logger on the sentry.
If the RPC call to create the logger succeeds, the command waits until the logger is registered in the logger registry. After registration is confirmed, a managed logger configuration including table_name and host_tag (defaulting to the guid value if not specified) is created.
If the input field values are invalid or the sentry is not connected, the _error field is added to the original record. If a timeout occurs during the RPC response or while waiting for logger registration, _error: timeout is set.
Up to 100 RPC requests are processed concurrently. The concurrency limit can be changed using the logpresso.core.sentry_rpc_parallel system property.
The output record order may differ from the input record order. Do not rely on record order; use the output data itself.
Examples
-
Create a wtmp logger on all connected Linux sentries
system sentries | search os == "Linux" and is_connected | eval name = "wtmp_linux" | eval factory_name = "wtmp" | eval configs = dict("path", "/var/log/wtmp") | sentry-logger-create | search isnull(_error) | fields guid, nameCreates the
wtmp_linuxlogger on all connected Linux sentries and outputs only records that were processed without errors. -
Create a logger with a specified table and host tag
system sentries | search is_connected | eval name = "local\\\\syslog" | eval factory_name = "syslog" | eval configs = dict("port", "514") | eval table_name = "syslog" | eval host_tag = host | sentry-logger-create timeout=60 | fields guid, name, table_name, _errorCreates a logger with the RPC timeout set to 60 seconds, specifying the table name and host tag, and outputs the processing results.