Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
3045 Discussions

Anyone have a GROK pattern for EMA logs?

Avocado
Novice
‎07-19-2023 09:24 AM
1 785 Visites

Anyone have a GROK pattern for EMA logs?

0 Compliments

Lien copié

4 Réponses
Victor_G_Intel
Employé
‎07-20-2023 09:24 AM
1 753 Visites

Hello Avocado,

 

Thank you for posting on the Intel® communities.


To move forward with your request we will require the information below:


  1. What EMA version are you currently using?
  2. How many endpoints do you have in your deployment?
  3. Is your installation a multi-server or a single server one?
  4. How are the endpoints provisioned CCM (client control mode) or ACM (admin control mode)?
  5. What is the reason you need the GROK pattern for the EMA logs?
  6. Is this request being done on behalf of a company? If yes, please provide as many details about the company as possible.

 

Best regards,

 

Victor G.

Intel Technical Support Technician


0 Compliments
Copier le lien
Avocado
Novice
‎07-20-2023 09:35 AM
1 750 Visites
  1. What EMA version are you currently using? 1.10.1
  2. How many endpoints do you have in your deployment? Thousands
  3. Is your installation a multi-server or a single server one? Multi
  4. How are the endpoints provisioned CCM (client control mode) or ACM (admin control mode)? ACM
  5. What is the reason you need the GROK pattern for the EMA logs? Because the platform console is immature and requires a tech to log into the server to use the GUI. Even if you copy the logs to a share, they are complex and filled with a lot of information. It becomes very difficult to properly trace an asset configuration without ingesting it into a 3rd party app. 

    If your logs are ingested into Elastic\LogStash the data can be sliced a multitude of ways. e.g. Filtered for Errors, can follow attempts per asset, see enrollments over time, etc etc. 
0 Compliments
Copier le lien
Victor_G_Intel
Employé
‎07-20-2023 03:02 PM
1 739 Visites

Hello Avocado,

 

Thank you for your response.

 

Please let me review this information internally, and kindly wait for an update.

 

Once we have more information to share, we will post it on this thread.

 

Regards,

 

Victor G.

Intel Technical Support Technician 


0 Compliments
Copier le lien
Victor_G_Intel
Employé
‎07-25-2023 12:54 PM
1 688 Visites

Hello Avocado,

 

Thank you for your patience.

 

We currently don't provide any documented GROK pattern matching against the EMA logs.

 

Best regards,

 

Victor G.

Intel Technical Support Technician

 

0 Compliments
Copier le lien
Répondre

L'assistance à la communauté est fournie du lundi au vendredi. D'autres moyens d'entrer en contact sont disponibles ici.

Intel ne vérifie pas l'intégralité des solutions, y compris, entre autres, les transferts de fichiers qui peuvent avoir lieu au sein de cette communauté. Intel décline donc toutes garanties explicites et implicites, y compris, sans s'y limiter, les garanties implicites de qualité marchande, d'adéquation à un usage particulier et de respect des droits de propriété intellectuelle, ainsi que toute garantie découlant des performances, des transactions ou de l'utilisation.

Pour obtenir des informations plus complètes sur l'optimisation des compilateurs, voir notre Avis d'optimisation.