Data anjing - log menejemen fun dan uji mental

The Datadog Log Management product includes which key features?. log collection, log processing, log analytics. log enrichment, log archiving, threat detection. redaction of sensitive data, log collection, Session Replay.

What is a PRIMARY benefit of indexing a subset of logs?. searching and building monitors from logs. storing logs in an external archive. filtering logs out of the Live Tail view.

What is a PRIMARY benefit of centralized logging?. It eliminates the need for system level metrics. It aggregates logs into one location for troubleshooting. It enables distributed tracing of applications.

Which of the following is a viable source for Datadog Agent v6+ log collection?. API endpoint. syslog server. files.

The Datadog Agent’s tailing method collect logs from. recent edits to a text file. security signals generated by a container. a DNS server’s response time.

What is the MOST efficient way to collect logs in order to debug an application?. Upload CSV log files to Datadog. Rehydrate logs from an archieve. Use the Datadog Agent to tail files.

Shipping logs to Datadog is more useful than locally tailing logs when. assessing the health of a single process. determining whether logs are being emitted or not. comparing historical log data to determine trends.

Which incoming Syslog severity level is mapped to the Datadog status attributes during preprocessing?. integers from 0 to 7. strings beginning with d, trace, or verbose. strings beginning with letters a, w, n, or i.

Which log format is automatically parsed by Datadog?. string format. CEF format. syslog format.

Which of the following attributes is reserved by Datadog?. message. environment. name.

Which log tag must be set for Datadog to automatically install an integration pipeline and its associated facets?. source. service. host.

For Agent v6.19+/v7.19+, what is the default transport used for logs?. HTTPS. TCP. UDP.

Which of the following represents an HTTP request processed by a web server?. system log. slow query log. access log.

Which of the following collects AWS managed services logs?. Datadog Forwarder. AWS crawler integration. Datadog Agent.

In the datadog yaml file, which parameter will send logs through TCP?. use_http: false. use_tcp: true. logs_no_ssl: false.

Which environment variables should be set to true to collect logs with the Datadog Docker Agent?. DD_LOGS_ENABLED and DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL. DD_CONTAINER_INCLUDE_LOGS and DD_LOGS_CONFIG_CONTAINER_COLLECT_ALL. DD_LOGS_ENABLED and DD_CONTAINER_INCLUDE_LOGS.

Which setting activates log collection for the Datadog Agent?. logs_enabled: true. logs_start: true. logs_collect: true.

What is the impact of using “multi-line” type as a log processing rule with Datadog Agent?. deduplicate multiple line into a single entry. aggregate several lines into a single entry. split up several lines into multiple entries.

which of the following is a recommended method to enable log collection with the Datadog Docker Agent?. use the default configuration settings. Edit the Agent main configuration file datadog.yaml. Pass the correct environment variables to the Agent.

When collecting logs in a containerized environment, the service and source tags default to the container. host. short image name. ID.

A user wants to enable log collection for a Python service on a Linux server. Which of the following files should be created or modified?. /opt/datadog-agent/sources/logging.yaml. /etc/datadog-agent/conf.d/python.d/conf.ini. /etc/datadog-agent/conf.d/python.d/conf.yaml.

Which of the following log processing rule parameter types should be used to prevent ID 666-00-1234 from leaking to Datadog while keeping record of it?. mask_sequences. exclude_at_match. include_at_match.

What is the BEST way to reduce the volume of indexed logs without losing the ability to track important trends?. Adjust the exclusion filter. Remove the pipeline filter. Delete the index filter.

What is the purpose of log obfuscation?. include logs based on a specified pattern. Redact sensitive information. Create aliases for log attributes.

When filtering logs in the Datadog Agent that match multiple patterns, the processing rules inside of log_processing_rule should be expressed as. multiple regular expression. a single regular expression. multiple Grok patterns.

Which of the following is the BEST method to override the default message of a log with an attribute value in order to perform a full text search over it?. Use the message remapper processor. Use the string builder processor. Use the attribute remapper processor.

What is the BEST way to connect a log to its associated trace if the Trace ID is stored in a custom attribute foo trace_id?. Use the log attribute Remapper processor to remap foo trace_id to the dd.trace_id attribute. Use the log attribute Remapper processor to remap foo trace_id to the trace_id tag. Use the log Trace ID Remapper to remap foo trace_id to the trace_id tag.

Which log processor is used to transform a duration contained in a log attribute from millisecond to nanosecond?. message. status. arithmetic.

JSON log attributes are automatically mapped to one of Datadog’s reserved attributes via. a custom Pipeline. a Remapper Processor. Preprocessing.

What data can be extracted from a URL within a log using the URL parser processor?. continent, country, and city. request, time, and duration. host, path, and query parameters.

Which processor captures details about the browser used to make a request?. URL parser. User-Agent parser. GeoIP parser.

What is the BEST way to reuse an integration pipeline with a different log source?. Duplicate the integration pipeline and change its name. Clone the integration pipeline and edit its filtering rule. Edit the integration pipeline with the new log source.

What is the correct processor used to concatenate values from two existing log attributes?. String builder. Lookup. Log message remapper.

Which of the following standard attributes triggers a visual indication and allows for full-text search?. logger.error_message. error.message. error.msg.

If a log contains an alias for a standard attribute, the log will contain which of the following?. both the alias and standard attribute. a default naming convention. a list of predefined standard attributes.

Which of the following attributes is a part of Datadog’s default set of standard attributes used for network communication?. my.http.url1. request.source.ip. network.client.ip.

In a Datadog Organization, what is the least privileged role that can add, remove, or edit facet?. standard. read-only. admin.

Logs inherit default tag data from the. content of the log message. hosts or integrations that generate the logs. pipeline used to parse the log’s attribute.

Which of the following search queries that returns a list of all logs containing a custom tag team with the value frontend?. custom:team:frontend. @team:frontend. team:frontend.

What is the BEST method to find the number of services reporting logs per host?. Group into Patterns > Show Count of all logs by Service and Host. Group into Fields > Show Count unique of Service by Host. Group into Transactions > Show Count unique of Service by Host.

When viewing a parsed log line. The Metrics tab will contain what information?. tags and application information of the underlying host or container. system telemetry of the underlying host or container. frequency of similar log lines from the underlying host or container.

Which attribute correlates a trace and a log?. log_id. trace_id. trace_source.

Which query allows a user to search for logs that have “could not resolved” in the message, and also contains a status tag with a value of error?. status:error AND “could not resolve”. “could not resolve” AND error. @status:error AND “could not resolve”.

Which of the following log search queries captures all logs with an info or error status?. status:(info OR error). info error. info OR error.

Which of the following log search queries captures all logs containing the words “foo” or “bar” in their message?. “foo OR bar”. foo OR bar. foo bar.

belum ada. a. a. a.

Which strategy is BEST when searching for case insensitive query terms?. Search for the term using the associated attributes. Search for the term using plain text without attributes. Search for term using the associated attributes.

Which query matches all logs coming from services that begin with web?. service: web?. service: *web. service: web*.

Which of the following features allows users to segment log data for setting different quotas and retention periods?. exclusion filters. log indexes. reserved attributes.

Which of the following actions exports Log Explorer data outside of Datadog?. Click the Export button and select notebook. Click the Export button and select Share view. Click the Export button and select Download as CSV.

Users create facets from a log attribute by. clicking on the attribute from an individual log. promoting the attribute as a standard attribute. entering the attribute into the log search.

Which tab within an individual log displays the content of a JSON log?. Trace. Event Attributes. Metrics.

What does the Displayed Lines option update in the Log Explorer?. number of columns. number of log records. number of lines per log.

The column feature in Log Explorer allows users to. group log into patterns. sort logs. perform analytics on logs.

Which Datadog element allows users to store Log Explorer context for Later use?. Log Pattern. Analytics. Saved View.

Which of the following methods BEST adjust the percentage of sampled logs in Live Tail?. Add a new column in the log output. Use filters to modify scope to a query. Choose a different time range.

Which page is used to view ingested logs?. Top List. Nested Tables. Live Tail.

Indexed logs are exported to a CSV using. Log Explorer. Live Tail. Exclusion Filters.

A customer reporting logs from both staging and production environments is asking how to be more efficient with their log management strategy. Which strategy would allow the customer to pay less for indexing their staging logs than they pay for production logs while retaining visibility?. Create an exclusion filter on staging logs. Create an archive for production environment logs. Create indexes with different retention periods.

What is the correct query to search for logs where the HTTP status code standard attributes is 200?. http.status_code:200. @http.status_code:200. http.status_code 200.

Which of the following are necessary to generate visualizations from logs?. archives and indexes. patterns and transactions. facet and measures.

Which of the following log search queries returns ONLY logs where HTTP status code is in the 5xx range?. @http.status_code:[500 to 599]. @http.status_code>200. @http.status_code:*.

Which action is triggered when clicking on a value in the facet panel?. an analytics is created. the pattern is displayed. the log search query is updated.

Which of the following tags allows users to view logs from a Python application running in production?. source and service. status and service. env and source.

Which field grouping query utilizes Timeseries visualization to display the volume of logs per service over time?. Show Count unique of Service . by Everything […]. Show Count of all logs. by Service […]. Show Count unique of Service. by Service […].

Which view is helpful for detecting and filtering repetitive errors that could cause a user to miss other issues?. Patterns. Signals. Issues.

Which grouping should be selected in Log Explorer to aggregate logs into groups based on a sequence of events?. Fields. Patterns. Transactions.

A user writes a query and switches from the List view to Timeseries view. What happens to the query?. The query is automatically written. The query remains the same. The query is deleted.

belum ada. a. b. c.

A Top List visualization is BEST used to view. hours with the most unique sessions by browser and device. unique sessions and latency per availability zone. customers with the most unique sessions in a day.

which of the following visualization allows a user to see the change of log over a selected time frame of a single measure?. Timeseries. Top List. List.

Which of the following features creates visualizations of the top values for attributes and breaks down data by additional groups?. Table. List. Top List.

When visualizing logs in a table view. Logs are grouped into. patterns. fields. transactions.

When generating log-based metrics. How are metric tags created from log attributes?. Attributes must be added to the search query. Metric tags are automatically added during generation. Attributes must be added in “group by”.

Log based metrics generated from the following example will include. a metric tag of source nginx. a metric tag key of http.status_code. multiple metric tags with both source nginx and http.status_code.

A query defined in log explorer can be exported to. a SIEM detection rule. an agent rule. a default policy file.

Logs exported as a table widget are used in. Notebooks and Monitors. Dashboards and Monitors. Dashboards and Notebooks.

A logs investigation is shared with teammates by. exporting to a Notebook. adding to an index. using Live Tail.

Which information is imported to a monitor when exported from Logs Explorer?. Search query. alert conditions. time selection.

To alert on log queries with ERROR or WARN statuses, the query is exported to a. Monitor. Dashboard. Notebook.

A triggered Log Monitor with Multi-Alert grouping in a set condition receives. one alert for multiple groups breaking the threshold. one alert per group breaking multiple threshold. a separate alert for each group breaking the threshold.

The MINIMUM information required to create a Monitor based on log data is. Priority, Alert Conditions, and What’s Happening. Search Query, Alert Conditions, and What’s Happening. Search Query, Priority, What’s Happening.

Which Agent command troubleshoot a potential log collection issue?. help. status. check.

A Datadog Agent’s continuous access for rotated log files is enabled by. creating ACLs and modifying logrotate. allowing permission once for log file rotation. granting the dd-agent user execute permissions.

A user is troubleshooting why no log appearing in Datadog. Which of the following Datadog Agent commands is used to send troubleshooting information to the Datadog support team?. flare. tail. upload.

What is the MOST likely cause for logs appearing in Live Tail but not in Log Explorer?. An index filter is including those logs. An index exclusion filter is matching those logs. An archive filter is conflicting with an index filter.

How could a Grok parsing error be identified when logs appearing in the Log Explorer do not have the correct attribute?. Go to the Live Tail view for logs and compare incoming unprocessed logs with an incorrectly parsed log to find any discrepancies. Paste an unprocessed log from that service’s Live Tail view into the corresponding Grok parser for the service’s pipeline to see which part of the parser is failing. Paste a processed log from that service’s Log Explorer view into the corresponding Grok parser for the service’s pipeline to see which part of the parser is failing.

Which log configuration should be adjusted to ensure that logs are parsed as expected?. Pipeline Processors. Exclusion Filters. Indexes.

When leveraging multiple Log Service Remapper processors within a single pipeline, why might a log be assigned to the incorrect service?. Only the last matching processor is taken into account. Services must be statically defined. Only the first matching processor is taken into account.

Which configuration would allow a user to generate the duration distribution metric per env for the service web-store from its associated logs?. a. b.