The 1c-log type is used to retrieve data from 1C application technology logs. Strings delimiter: \n. The connector accepts only the first line from a multi-line event record. This type of connector is available for Linux Agents.
When creating this type of connector, specify values for the following settings:
Basic settings tab:
Name (required)—a unique name for this type of resource. Must contain 1 to 128 Unicode characters.
Tenant (required)—name of the tenant that owns the resource.
Type (required)—connector type, 1c-log.
URL (required)—full path to the directory containing files that you need to interact with. For example, /var/log/1c/logs/.
Prefixes that cannot be used when specifying paths to files:
/*
/bin
/boot
/dev
/etc
/home
/lib
/lib64
/proc
/root
/run
/sys
/tmp
/usr/*
/usr/bin/
/usr/local/*
/usr/local/sbin/
/usr/local/bin/
/usr/sbin/
/usr/lib/
/usr/lib64/
/var/*
/var/lib/
/var/run/
/opt/kaspersky/kuma/
These patterns are specified as regular expressions and are used by the system to validate the path. The * character in patterns matches any sequence of characters and must not be manually specified in the path itself if it is not part of a valid path.
Files are available at the following paths:
/opt/kaspersky/kuma/clickhouse/logs/
/opt/kaspersky/kuma/mongodb/log/
/opt/kaspersky/kuma/victoria-metrics/log/
Description—resource description: up to 4,000 Unicode characters.
Advanced settings tab:
Character encoding setting specifies character encoding. The default value is UTF-8.
Debug—a toggle switch that lets you specify whether resource logging must be enabled. By default, this toggle switch is in the Disabled position.
Connector operation diagram:
All 1C technology log files are searched.
Log file requirements:
Files with the LOG extension are created in the log directory (/var/log/1c/logs/ by default) within a subdirectory for each process.
Events are logged to a file for an hour; after that, the next log file is created.
The file names have the following format: <YY><MM><DD><HH>.log. For example, 22111418.log is a file created in 2022, in the 11th month, on the 14th at 18:00.
Each event starts with the event time in the following format: <mm>:<ss>.<microseconds>-<duration_in_microseconds>.
The processed files are discarded.
Information about processed files is stored in the file /<collector working directory>/1c_log_connector/state.json.
Processing of the new events starts, and the event time is converted to the RFC3339 format.
The next file in the queue is processed.
Connector limitations:
Installation of a collector with a 1c-log connector is not supported in a Windows operating system. To set up file transfers of 1C log files for processing by the KUMA collector:
On the Windows server, grant read access over the network to the folder with the 1C log files.