Configure source type capabilities in Health Log Analytics

  • Rversion finale: Australia
  • Mis à jour 12 mars 2026
  • 2 minutes de lecture

    • Health Log Analytics extracts source types automatically in the mapping process. You can add timestamp formats and specify, delete, or exclude keywords for individual source types.

    Avant de commencer

    Role required: evt_mgmt_admin

    Procédure

    1. Navigate to All > Health Log Analytics > Data Input > Source Types.
      The Source Types table lists all source types that were extracted automatically during raw data mapping.
      Tableau 1. Source Types
      Field Description
      Auto extraction enabled Auto-extraction for this source type is either enabled or disabled. This value is set on the Source Type Structure form. Default: true.
      Learning mode Learning mode for the source type is either ongoing or completed.

      The AI engine must learn the format of log messages in each new log stream. In Learning mode, it learns the format of messages for this source type and extracts properties based on that knowledge.
      Stack trace detection enabled Detection of active stack frames for this source type is either enabled or disabled. Typically, a stack trace enables tracking an error to the log in which it originated.
    2. Open a record.
    3. Facultatif : Add a timestamp format for this source type.
      1. On the Source Type Timestamps tab, select New.
      2. In the Timestamp format field, select a format from the list of available timestamp formats.
      3. Select Submit.
    4. Facultatif : Specify a keyword for this source type.
      1. On the Lexical Keywords tab, select New.
        Remarque :
        The Lexical Keywords tab contains both global and specified keywords. Selecting New creates a specified keyword for this source type.
      2. On the form, fill in the fields.
        Field Description
        Name Unique and descriptive name for the keyword.
        Regular expression The regular expression ("regex") that defines matches.
        Exact match Boolean value. If selected, Health Log Analytics matches the exact regex. For example, 'NullPointerException' in a message would not match the regex 'exception'.

        Default: True
        Case-sensitive Boolean value. If selected, Health Log Analytics looks for a case-sensitive match of the regex.

        Default: False
      3. Select Submit.
    5. Facultatif : Delete a keyword specified for this source type.
      1. Select the row of the specified keyword that you want to delete.
      2. From the Actions on selected rows list at the bottom of the page, select Exclude keyword.
      3. Select Continue to delete the keyword.
    6. Facultatif : Exclude a global keyword for this source type
      When you exclude a keyword, Health Log Analytics no longer looks for it in the log data of this source type.
      1. Select the row of the global keyword that you want to exclude.
      2. From the Actions on selected rows list at the bottom of the page, select Exclude keyword.
      Remarque :
      You can delete global keywords from the Lexical Keywords page.
    7. Select Update.