Data Collection Overview

Data collection is the process that allows you to send you log data to InsightOps from applications and assets, whether they're hosted or on-premises, physical or virtual.

Additionally, data collection reduces the need for storing lots of log data locally. Multiple logs can be centralized and searched in one place even, if they originate from disparate locations. Once properly configured, data collection also allows InsightOps to send you alerts and analyze your data.

How Does InsightOps Collect Data?

InsightOps collects data from your assets (endpoints) and your network in four distinct ways: the Insight Agent, REST API, syslog, and application logging.

InsightOps no longer includes event source management

As of October 2022, InsightOps does not allow you to manage event sources in the product. If you have an InsightIDR account, you can manage event sources there and the data is shared with InsightOps.

The Insight Agent

The Insight Agent is installed on individual assets and sends asset information to InsightOps. It also sends hardware metrics and usage details (disk usage, etc), and sends log files that the user specifies - typically system or application logs. And, if running on a Windows host, the agent will send log detail from the windows event log.

Please ensure that your assets meet the technical requirements outlined here. You can also read more about the Insight Agent here.

Syslog

Logging from systems allows you to directly send log data to InsightOps. Learn more about syslog here.

Application Logging

If you are programming an application, you can use one of the many language libraries to send data to InsightOps.