Add a log correlator to identify relationships in logs

  • Release version: Yokohama
  • Updated January 30, 2025
  • 1 minute to read

    • Detect related alerts in log data by adding log correlators. The base system includes several log correlators and you can define custom log correlators.

    Before you begin

    Role required: evt_mgmt_operator or evt_mgmt_admin

    About this task

    For information about the types and functions of log correlators, see Identifying relationships in log data by using log correlators.

    Procedure

    1. Use one of the following methods to add a log correlator.
      OptionProcedure
      Add a log correlator for a specific log source
      1. Navigate to Health Log Analytics > Log Anomaly Detection > Log Correlators. The list of existing log correlators opens.
      2. Click the name of a log correlator. The names appear in the Correlation indicator column.
      3. Click New.
      Add a log correlator that applies either to all log sources or to only those log sources that become active after you define this log correlator
      1. Navigate to Health Log Analytics > Data Input > Log Sources.
      2. Click the name of the log source.

        The Log correlators related list displays the list of existing log correlators that analyze log data from the selected log source.

      3. On the Log correlators tab, click New.
    2. Fill in the Log correlator form.
      For a description of the fields, see Log correlators form fields.
    3. Select Active and then click Submit.