The monitor command launches a monitor terminal application. The monitor mode can be used to see a live view of the running state of the Falcon LogScale Collector. The running sources, queues and sinks can be inspected in real time.

Start the monitor by running the following command:

logscale-collector monitor --cfg path/to/config.yaml

Once you have run the command the monitor terminal application is displayed with details on the specified instance.

Figure 44. Logging

The query command can be used to query metrics or internal logs:

The internallogs command fetches the debug log of a running Falcon LogScale Collector through the local API, without having to restart or reconfigure the service. The debug log via local API is unfiltered, and is not affected by --log-level, logLevel or the internal debug log sender feature.

logscale-collector query internallogs --cfg <path to config>

The metrics command returns the metrics of pipelines for collecting data. The metrics include meters and gauge describing the flow of data through the ___lc__name__.

The metrics can be retrieved as JSON via:

logscale-collector query metrics --cfg <path to config>

This command can help troubleshoot an installation by creating an all-in-one debug file that can be shared with support.

The export-debug command connects to the local API to pull the running state, metrics and debug log without disturbing the running sources and sinks. The command creates a file called debug.zip in the current directory. The file contains the following information:

Additionally, you can run commands to export metrics and internal logs.

Run the following command to export the debug file:

logscale-collector export-debug --cfg <path to config>