Forum Discussion
Ingestion of Custom Logs of Files (Never Updated) in Azure Sentinel
simonepatonico Does the new file follow the required naming standards in regards to having the date and time as part of the filename?
GaryBushey For now I did some tests with files named Norma01.csv, Norma02.csv, etc...
I did the configuration required on the Log Analytics Workspace as you can see from the attached figure.
- GaryBushey, Nov 03, 2020, Bronze Contributor
simonepatonico Looking at the document link you posted it states the following. Are you following this naming convention? It did not look like it from your image unless there is only 1 entry in the file that was shown in the image.
The log must either have a single entry per line or use a timestamp matching one of the following formats at the start of each entry.
YYYY-MM-DD HH:MM:SS
M/D/YYYY HH:MM:SS AM/PM
Mon DD, YYYY HH:MM:SS
yyMMdd HH:mm:ss
ddMMyy HH:mm:ss
MMM d hh:mm:ss
dd/MMM/yyyy:HH:mm:ss zzz
yyyy-MM-ddTHH:mm:ssK
- simonepatonico, Nov 03, 2020, Brass Contributor
GaryBushey The log file has a single entry per line.
Also, all the other prerequisites are satisfied:
- The log file does not allow circular logging or log rotation (In my case the file is never changed)
- The log file must use ASCII or UTF-8 encoding (In my case the log file uses UTF-8 encoding).
- GaryBushey, Nov 04, 2020, Bronze Contributor
simonepatonico And just to confirm my understanding, when you get a new file added to the folder, you never see its data being uploaded. Is that correct?
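A local pre-check of the prerequisites discussed in this thread (ASCII/UTF-8 encoding, and whether each line starts with one of the quoted timestamp formats), added here as an example and not part of any post. The regexes, the function names and the sample data are this example's assumptions, and the script inspects the file only; it does not query the agent or the workspace.

```python
import re
from collections import Counter

T = r"\d{2}:\d{2}:\d{2}"
MON = r"[A-Z][a-z]{2}"
# Regexes are this example's interpretation of the formats quoted in the thread.
FORMATS = {
    "YYYY-MM-DD HH:MM:SS": r"\d{4}-\d{2}-\d{2} " + T,
    "M/D/YYYY HH:MM:SS AM/PM": r"\d{1,2}/\d{1,2}/\d{4} " + T + r" [AP]M",
    "Mon DD, YYYY HH:MM:SS": MON + r" \d{1,2}, \d{4} " + T,
    "yyMMdd or ddMMyy HH:mm:ss": r"\d{6} " + T,
    "MMM d hh:mm:ss": MON + r" +\d{1,2} " + T,
    "dd/MMM/yyyy:HH:mm:ss zzz": r"\d{2}/" + MON + r"/\d{4}:" + T + r" [+-]\d{2}:?\d{2}",
    "yyyy-MM-ddTHH:mm:ssK": r"\d{4}-\d{2}-\d{2}T" + T,
}
COMPILED = {name: re.compile(rx) for name, rx in FORMATS.items()}


def leading_timestamp(line):
    """Return the name of the quoted format the line starts with, or None."""
    for name, rx in COMPILED.items():
        if rx.match(line):
            return name
    return None


def precheck(data: bytes) -> dict:
    """Check raw file bytes against the encoding and entry-delimiter rules."""
    try:
        # ASCII is a subset of UTF-8; tolerating a BOM is this example's choice.
        text = data.decode("utf-8-sig")
    except UnicodeDecodeError:
        # Typical cause: a file saved as UTF-16 by a Windows tool.
        return {"encoding_ok": False, "formats": {}, "untimestamped": None}
    lines = [ln for ln in text.splitlines() if ln.strip()]
    seen = Counter(leading_timestamp(ln) for ln in lines)
    untimestamped = seen.pop(None, 0)  # header rows, continuation lines, etc.
    return {"encoding_ok": True, "formats": dict(seen), "untimestamped": untimestamped}


# Constructed sample inputs (not taken from the thread).
SAMPLE_CSV = (b"2020-11-03 10:15:00,login,alice\n"
              b"2020-11-03 10:16:12,logout,alice\n"
              b"id,event,user\n")
SAMPLE_UTF16 = "2020-11-03 10:15:00,login,alice\n".encode("utf-16")

if __name__ == "__main__":
    print(precheck(SAMPLE_CSV))
    print(precheck(SAMPLE_UTF16))
```

A non-zero `untimestamped` count means the timestamp delimiter would merge those lines into the preceding entry, so only the one-entry-per-line setting fits such a file.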