10 — Elastic Certified Observability Engineer Exam: Logging — Enable and configure integrations to collect the logs from a specific service

Hello everyone ✋

Today we will see how we configure the Elastic agent to collect the logs of system, or in another words, Enable and configure integrations to collect the logs from a specific service

we did in the previous blog the installation and configuration of both fleet server and elastic agent, now to be able collect the logs, we have two ways even we use predefined plocy or we define a new policy and after that add the integration, like this

go to fleet >> Agent police >> create agent policy

create one and give it a name, here’s our new policy

by clicking on your new policy you will get this

by clicking on add integration and you search for system

then you will get a page where you configure the what you want to collect from the system, we will enable logs and disable the rest like this:

when you enable the collecting logs, you will get more details like what path you want to collect logs from, and other details like processors, where we will discuss it in the future blogs.

once you done, you click on save and continue. once you done, you will get the logs on you elasticsearch and you can see the logs coming from you kibana.

let me know if you have question ^^ see you in the next one