Comment on page

Selecting Files to Index

Log in to Scanner and choose the S3 log files you want to index

Concierge onboarding

The Scanner team offers a concierge onboarding service to all new customers where we walk through the onboarding process together, executing the CloudFormation template, choosing files to index, and making sure everything is running smoothly. This meeting usually takes 30 minutes, with an optional additional 30 minutes for questions and product feedback.
If you want to change which files to index later, you can follow these steps.

Selecting files to index

Once the S3 integration has completed, your Scanner instance will have permission to read files from your buckets.
To configure your Scanner instance to begin to read log files, log in to your Scanner instance via Users with access to the Scanner admin UI can create Object Import Match Rules to select the files to index.
Give a Name to the rule. You will be able to use this name in your queries.
Select the Bucket containing the log files to index, and provide an optional Prefix to select a subset of logs in the bucket. The Regex can be used to further filter keys that match a given prefix.
Choose the Format of your logs, which can be JSON, Parquet, CSV, and plaintext. Choose the compression format as well. Scanner will automatically detect these formats (coming soon).
Choose the field in the log events that contains a timestamp. Use a regular expression with a capture group to let Scanner know which part of the field contains the timestamp. Scanner will automatically detect the timestamp for most common log types.
Note: A rich interactive experience for creating import rules is coming soon.