Agent properties and selectors
This page lists the properties and selectors available for querying and finding NXLog Agent instances within NXLog Platform. You can build search expressions by combining the supported operators and one or more agent properties to find matching NXLog Agent instances. For example, when viewing agents, setting up auto-enrollment rules, and assigning configurations.
Agent properties
Each NXLog Agent instance has several properties containing information about the agent’s operating environment. To those, NXLog Platform adds agent-management properties.
Property name | Description |
---|---|
|
Timestamp of the moment the agent first connected to NXLog Platform.
Example: |
|
Host IP address and port number used by the agent to connect to NXLog Platform or null when the agent is offline.
Example: |
|
CPU architecture of the agent’s host.
Possible values: |
|
Most recent log entries sent by this agent to NXLog Platform. |
|
Information about the stored certificate, including the start and expiration time. |
|
Optional description associated with the agent. |
|
Either the actual content of the agent |
|
Synchronization status of the agent configuration and the corresponding configuration in NXLog Platform.
|
|
Configuration status: |
|
Timestamp of the moment the agent last connected to NXLog Platform.
Example: |
|
Average CPU load of the agent process, measured since the process started. |
|
CPU usage time of the agent process, measured in milliseconds since the process started. |
|
Enrollment status of the agent: |
|
Timestamp of the moment the agent was most recently enrolled in NXLog Platform.
Example: |
|
Same as |
|
Information on any error related to the agent, for example if an invalid configuration was deployed on the agent. |
|
Log processing rate of the agent, in events per second (EPS). |
|
Number of file descriptors currently in use by the agent. |
|
Directories that can be used with the GetFile and PutFile web service requests. The name of the ACL is used in these requests together with the filename. ACLs are configured through the xm_admin module. |
|
Name of the files associated with the agent, namely the certificate files and the configuration file. |
|
Content of the files associated with the agent, namely the certificate files and the configuration file. |
|
Synchronization information for the files associated with the agent, namely the certificate files and the configuration file. |
|
Synchronization status of the agent files: |
|
Same as |
|
The hostname of the machine where the agent is running, as reported by the agent. |
|
The UUID of the agent in UUID Version 1 format. The agent typically reports its ID, but NXLog Platform can generate or overwrite it, for example, to avoid duplication when you create a second agent instance by cloning a VM. |
|
Names of all labels configured in the agent. Labels are configured through the xm_admin module. |
|
Custom key-value pairs defined with supplementary details about the agent, such as the display name, local contact information, and so on. Labels are configured through the xm_admin module. |
|
Timestamp of the last event processed by the agent.
Example: |
|
The NXLog Platform IP address and port number to which the agent is connected or |
|
Amount of RAM used by the agent in bytes. |
|
Names of the modules included in the agent configuration. |
|
Information about the modules included in the agent configuration. |
|
Same as |
|
Connection status of the agent: |
|
Type of operating system where the agent is running.
Possible values: |
|
Operating system type and version.
Example: |
|
|
|
Timestamp of the moment the agent was set to use a persistent log queue, |
|
Process identifier of the agent instance.
Example: |
|
Timestamp of the latest NXLog Platform data request from the agent.
NXLog Platform polls agents once every 60 seconds.
Example: |
|
Names of the routes included in the agent configuration. |
|
Information about the routes included in the agent configuration. |
|
Timestamp of the most recent agent start or restart.
Example: |
|
The agent’s management status: |
|
Overall synchronization status of the agent files with NXLog Platform, determined by the
|
|
UUID of the configuration assigned to the agent or |
|
Name of the configuration assigned to the agent or |
|
Number of threads the agent is using. |
|
Version of the agent.
Example: |
|
Information on any warnings related to the agent, for example if the agent files are not synchronized with NXLog Platform. |
Agent selector operators
You can use the following operators to write selectors for querying and finding agents.
Comparison operators
Comparison operators are binary operators that take the following form:
{expression 1} {operator} {expression 2}
Operator | Alternative spellings | Description |
---|---|---|
|
|
Tests if the property value is equal to the provided value. |
|
|
Tests if the property value is not equal to the provided value. |
|
|
Tests if the property value is less than or equal to the provided value. |
|
|
Tests if the property value is less than the provided value. |
|
|
Tests if the property value is greater than or equal to the provided value. |
|
|
Tests if the property value is greater than the provided value. |
|
|
Tests if the property value matches a wildcard expression. |
|
|
Tests if the property value matches a Rust-style regular expression. |
Logical operators
Logical operators can be unary or binary.
Operator | Alternative spellings | Description |
---|---|---|
|
Inverts (negates) the operators or expressions. Examples:
|
|
|
|
Pairs of sub-expressions connected using this operator must both evaluate to true for the full expression to be true. |
|
|
At least one of the sub-expressions connected using this operator must evaluate to true for the full expression to be true. |
|
The expression is true if the property is equal to one of a list of values. Example: |
|
|
Checks the property for existence or presence of value:
Examples:
|
|
|
True if the property exists. Example: |