AzStackHciStandaloneObservability/package/bin/ObsAgent/lib/Scripts/DiagnosticLogRoleConfiguration.json
|
{
"DeploymentLogs": { "Nodes": [ "PhysicalMachines", "AllVms" ], "FileLog": [ "$env:SystemDrive\\CloudDeployment\\Logs\\" ], "CSVLog": [], "WindowsEventLog": [] }, "BareMetal": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:windir\\logs\\DISM\\DISM.log", "$env:windir\\Logs\\CBS\\" ], "CSVLog": [], "WindowsEventLog": [ "Setup", "System", "Application", "*Microsoft-Windows-DSC*", "Microsoft-Windows-Health/Diagnostic", "Microsoft-Windows-Kernel-Boot/Operational", "Microsoft-Windows-CodeIntegrity/Operational", "Microsoft-Windows-PowerShell/Operational", "Microsoft-Windows-BitLocker/BitLocker Management", "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational", "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin", "Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Verbose", "Microsoft-Windows-SMBServer/Audit", "Microsoft-Windows-SmbClient/Security", "Microsoft-Windows-SmbClient/Audit", "Microsoft-Windows-FailoverClustering/Diagnostic", "Microsoft-Windows-FailoverClustering-NetFt/Verbose" ] }, "ECE": { "Nodes": [ "PhysicalMachines", "AllVms" ], "FileLog": [ "$env:SystemDrive\\maslogs\\", "$env:LocalRootFolderPath\\maslogs\\", "$env:SystemDrive\\Observability\\maslogs\\", "$env:SystemDrive\\Observability\\ECE", "$env:SystemDrive\\Observability\\ECEAgent" ], "CSVLog": [], "WindowsEventLog": [ "Microsoft-Windows-WMI-Activity/Operational", "Microsoft-Windows-WinRM/Operational" ] }, "ALM": { "Nodes": [ "PhysicalMachines", "AllVms" ], "FileLog": [ "$env:SystemDrive\\Observability\\ALM\\*.etl*", "$env:SystemDrive\\Observability\\ALMSystemAgents\\", "$env:SystemDrive\\Observability\\TraceCollectorAgent\\*.etl*", "$env:SystemDrive\\maslogs\\AgentTrace\\*.etl", "$env:LocalRootFolderPath\\maslogs\\AgentTrace\\*.etl" ], "CSVLog": [], "WindowsEventLog": [] }, "MOC_ARB": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\MOC_ARB\\" ], "CSVLog": [ "$env:SystemDrive\\ClusterStorage\\Infrastructure_1\\ArcHci\\ubercrud.log" ], "WindowsEventLog": [ "Microsoft-Windows-Hyper-V-Config-Admin.evtx", "Microsoft-Windows-Hyper-V-Config-Operational.evtx", "Microsoft-Windows-Hyper-V-Shared-VHDX/Reservation.evtx" ] }, "FleetDiagnosticsAgent": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\FleetDiagnosticsAgent\\*.etl*" ], "CSVLog": [], "WindowsEventLog": [] }, "ObservabilityAgent": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\ObservabilityAgent\\*.etl*" ], "CSVLog": [], "WindowsEventLog": [] }, "ObservabilityLogmanTraces": { "Nodes": ["PhysicalMachines"], "FileLog": [ "$env:SystemDrive\\Observability\\ObservabilityLogmanTraces\\observabilityLogmanTraces.etl*" ], "ShareLog": [], "WindowsEventLog": [] }, "RemoteSupportAgent": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\RemoteSupportAgent\\*.etl*" ], "CSVLog": [], "WindowsEventLog": [] }, "OSUpdateLogs": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:windir\\logs\\mosetup\\updateagent.log", "$env:SystemDrive\\`$WINDOWS.~BT\\Sources\\Panther\\setupact.log", "$env:windir\\logs\\windowsupdate\\*.etl*", "$env:windir\\Logs\\CBS\\" ], "CSVLog": [], "WindowsEventLog": [] }, "AutonomousLogs": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\AutonomousLogs\\" ], "CSVLog": [], "WindowsEventLog": [] }, "OEMDiagnostics": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\OEMDiagnostics\\*.etl*" ], "CSVLog": [], "WindowsEventLog": [] }, "ObservabilityVolume": { "Nodes": [ "PhysicalMachines", "AllVms" ], "FileLog": [], "CSVLog": [], "WindowsEventLog": [ "Microsoft-AzureStack-Observability/Operational" ] }, "HostNetwork": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\HostNetwork\\NetworkAtcTracing\\NetworkAtcTrace_*.etl*", "$env:LocalRootFolderPath\\NetworkAtcTracing\\NetworkAtcTrace_*.etl*" ], "WindowsEventLog": [ "Microsoft-Windows-Networking-NetworkAtc/Admin", "Microsoft-Windows-Networking-NetworkAtc/Operational" ] }, "Health": { "Nodes": [ "PhysicalMachines", "AllVms" ], "FileLog": [ "$env:SystemDrive\\Observability\\HealthAndMonitoring\\Diagnostics\\HealthAgent\\*Health.HealthAgent*.etl*", "$env:SystemDrive\\Observability\\HealthAndMonitoring\\Diagnostics\\HealthAgent\\CommonInfra\\*Health.HealthAgent.CommonInfra*.etl*", "$env:SystemDrive\\Observability\\HealthAndMonitoring\\Diagnostics\\HealthService\\*Health.HealthService*.etl*" ] }, "HCICloudService": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:systemdrive\\Users\\HciDeploymentUser\\Documents\\Register*.log", "$env:systemdrive\\Users\\HciDeploymentUser\\Documents\\Unregister*.log", "$env:systemdrive\\ProgramData\\AzureConnectedMachineAgent\\Log\\*.log", "$env:windir\\Windows\\Tasks\\ArcForServers\\*.log" ], "CSVLog": [], "WindowsEventLog": [ "Microsoft-AzureStack-HCI/Admin", "Microsoft-AzureStack-HCI/Debug", "Microsoft-AzureStack-HCI-ClusterAgent/Admin", "Microsoft-AzureStack-HCI-ClusterAgent/Debug" ] }, "DownloadService": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\Download\\Standalone\\*Microsoft.AzureStack.Download.DownloadStandalone*.etl*", "$env:SystemDrive\\Observability\\Download\\Service\\*Microsoft.AzureStack.Download.DownloadService*.etl*", "$env:SystemDrive\\Observability\\Download\\CauDebugTraces\\*.zip", "$env:SystemDrive\\Observability\\URP\\UdiSessions\\" ], "CSVLog": [ "$env:SystemDrive\\ClusterStorage\\Infrastructure_1\\Shares\\SU1_Infrastructure_1\\Updates\\GetCauOutput\\" ], "WindowsEventLog": [] }, "URP": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\Observability\\URP\\*AzureStack.Update.Admin*.etl*" ], "CSVLog": [], "WindowsEventLog": [] }, "ArcAgent": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\ProgramData\\AzureConnectedMachineAgent\\Log" ], "CSVLog": [], "WindowsEventLog": [] }, "Extension": { "Nodes": [ "PhysicalMachines" ], "FileLog": [ "$env:SystemDrive\\ProgramData\\GuestConfig\\ext_mgr_logs", "$env:SystemDrive\\ProgramData\\GuestConfig\\arc_policy_logs", "$env:SystemDrive\\ProgramData\\GuestConfig\\extension_logs", "$env:SystemDrive\\ProgramData\\GuestConfig\\extension_reports" ], "CSVLog": [], "WindowsEventLog": [] }, "CommonInfra": { "Nodes": [ "PhysicalMachines", "AllVms" ], "FileLog": [ "$env:SystemDrive\\Observability\\CommonInfra\\Service\\*AzureStack.Common.Infrastructure*.etl*", "$env:SystemDrive\\Observability\\CommonInfra\\Middleware\\*AzureStack.Common.Infrastructure.Middleware*.etl*" ], "CSVLog": [], "WindowsEventLog": [] } } |