Tech Tested
How to Export Logs from Aria Operations for Logs in a JSON Format
Jul 19
2 min read
0
23
0
Recently, I spoke with a large social media platform who wanted to use Aria Operations for Logs predominately for log forwarding. They want to forward logs to BigQuery, a cloud based data lake where they can do data processes.
However, they required that the logs be sent over in a JSON forma so that they could parse the data within the logs for easier data processing. Additionally, they wanted to be able to create and send alerts based on said logs. As a large and technically advanced organization, they wanted to do this almost entirely through APIs and wanted to avoid any use of the UI.
How to Export Logs:
Although my client did not want to use the UI, I feel like it is necessary to note that you can export logs in a JSON format right from the UI. This is available within the SaaS and On-Prem version.
UI Log Export:
Procedure
Go to Explore Logs.
Enter a query and click the Search button to view the results.
On the upper-right corner of the page, click the export or share icon and click Export Logs.
In the pop-up window, enter a name and select the format of the log export file.
You can export logs in RAW, CSV, and JSON format.
Click Export
Command line export:
If you prefer to perform a log export via a command line, one option is to export the log archives to a JSON format. The process is rather involved, but it can be done as described in this following link:
On Prem - Export a VMware Aria Operations for Logs Archive to a Raw Text File or JSON:
If you are looking for more command line fun, the API calls are quite robust:
The VMware Aria Operations for Logs (SaaS) API
Getting Started With Aria Logs APIs
API Calls for Creating Alerts and Notifications
Specifically, my client was looking to forward alerts. One possibility is to do this via Webhook:
Configure a Webhook to Send Alert Notifications
For the SaaS version, its even easier to forward logs. By default, forwarded logs are in a JSON format when forwarded to a UDP or TCP endpoint:
Forward Logs from VMware Aria Operations for Logs (SaaS)
Hope this helps!