Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2836 Discussions

Anyone have a GROK pattern for EMA logs?

Avocado
Novice
‎07-19-2023 09:24 AM
941 Views

Anyone have a GROK pattern for EMA logs?

0 Kudos

Link Copied

4 Replies
Victor_G_Intel
Employee
‎07-20-2023 09:24 AM
909 Views

Hello Avocado,

 

Thank you for posting on the Intel® communities.


To move forward with your request we will require the information below:


  1. What EMA version are you currently using?
  2. How many endpoints do you have in your deployment?
  3. Is your installation a multi-server or a single server one?
  4. How are the endpoints provisioned CCM (client control mode) or ACM (admin control mode)?
  5. What is the reason you need the GROK pattern for the EMA logs?
  6. Is this request being done on behalf of a company? If yes, please provide as many details about the company as possible.

 

Best regards,

 

Victor G.

Intel Technical Support Technician


0 Kudos
Copy link
Avocado
Novice
‎07-20-2023 09:35 AM
906 Views
  1. What EMA version are you currently using? 1.10.1
  2. How many endpoints do you have in your deployment? Thousands
  3. Is your installation a multi-server or a single server one? Multi
  4. How are the endpoints provisioned CCM (client control mode) or ACM (admin control mode)? ACM
  5. What is the reason you need the GROK pattern for the EMA logs? Because the platform console is immature and requires a tech to log into the server to use the GUI. Even if you copy the logs to a share, they are complex and filled with a lot of information. It becomes very difficult to properly trace an asset configuration without ingesting it into a 3rd party app. 

    If your logs are ingested into Elastic\LogStash the data can be sliced a multitude of ways. e.g. Filtered for Errors, can follow attempts per asset, see enrollments over time, etc etc. 
0 Kudos
Copy link
Victor_G_Intel
Employee
‎07-20-2023 03:02 PM
895 Views

Hello Avocado,

 

Thank you for your response.

 

Please let me review this information internally, and kindly wait for an update.

 

Once we have more information to share, we will post it on this thread.

 

Regards,

 

Victor G.

Intel Technical Support Technician 


0 Kudos
Copy link
Victor_G_Intel
Employee
‎07-25-2023 12:54 PM
844 Views

Hello Avocado,

 

Thank you for your patience.

 

We currently don't provide any documented GROK pattern matching against the EMA logs.

 

Best regards,

 

Victor G.

Intel Technical Support Technician

 

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.