Index Patterns Management

  • Pattern: This column lists the pattern used to match against multiple index names.
  • Used by Integration: Indicates the integration from which the logs are generated.
  • Action: Allows the user to edit or delete an index pattern (only when it is not used by an integration).

Examples of patterns and their uses:

  • log-* - Matches all indices that start with log-.
  • alert-* - Matches all indices that start with alert-.
  • log-wineventlog-* - Used for indices related to Windows event logs.
  • log-o365-* - Used for Office 365 logs.
  • log-firewall-* - Matches indices for various firewall logs.

The user can also create new index patterns to match their indexing needs by using the “Create index pattern” button.
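
Because log-* is a prefix of the more specific patterns listed above, one index can match several patterns at once. The following added example (not part of the product or its documentation) reports, for a set of index names, which patterns match each one and which indices match none. It assumes that * matches any run of characters and that every other character is literal; the index names are constructed for illustration.

```python
import re

# Patterns taken from the list above.
PATTERNS = ["log-*", "alert-*", "log-wineventlog-*", "log-o365-*", "log-firewall-*"]

# Constructed index names, for illustration only.
SAMPLE_INDICES = [
    "log-wineventlog-2024.05.01",
    "log-o365-2024.05.01",
    "log-firewall-vendor-a-2024.05.01",
    "log-dns-2024.05.01",
    "alert-2024.05.01",
    "logs-legacy-2024.05.01",
]

def compile_pattern(pattern):
    """Assumption: '*' matches any run of characters; all else is literal."""
    parts = (re.escape(p) for p in pattern.split("*"))
    return re.compile(".*".join(parts))

def matching_patterns(index, patterns=PATTERNS):
    """Return every pattern that matches the index name, narrowest first."""
    hits = [p for p in patterns if compile_pattern(p).fullmatch(index)]
    # More literal text in a pattern means it matches fewer names.
    return sorted(hits, key=lambda p: len(p.replace("*", "")), reverse=True)

def coverage_report(indices=SAMPLE_INDICES, patterns=PATTERNS):
    """Group indices by whether several, one, or no patterns match them."""
    report = {"overlapping": {}, "single": {}, "unmatched": []}
    for index in indices:
        hits = matching_patterns(index, patterns)
        if not hits:
            report["unmatched"].append(index)
        elif len(hits) == 1:
            report["single"][index] = hits[0]
        else:
            report["overlapping"][index] = hits
    return report

if __name__ == "__main__":
    for bucket, content in coverage_report().items():
        print(bucket, content)
```

Running the same check against a proposed pattern before creating it shows whether it overlaps an existing one, and the unmatched bucket lists indices that no current pattern covers.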