# Log Exporter

## General

Logs will be **fetched every 60 seconds** and sent to your configured **Export Target(s)**. Currently, the Log Exporter can connect to the following target systems:

* [Microsoft Teams Channel](/admin-portal/settings/log-exporter/teams.md)
* [Azure Log Analytics Workspace](/admin-portal/settings/log-exporter/log-analytics.md)
* [Generic Webhook (JSON)](/admin-portal/settings/log-exporter/generic-webhook.md)

The Log Exporter allows you to configure a specific **Message Filter** for each target. For example: 

* Send every entry where a user was not able to login to a **Log Analytics Workspace**
* Send every failed TCP connection to a **Microsoft Teams Channel**

## Message Filter

The **Message Filter** that can be configured for each target helps you to only receive those logs, that are really relevant for your monitoring and alerting system.

<figure><img src="/files/cyDWWkOQFN5YOWRGw05z" alt=""><figcaption></figcaption></figure>

The filter can be configured to only consider logs from certain sources/sub-system from the RADIUSaaS platform:

* Rule Engine
* Authorization System
* Proxy Authentication

Furthermore, the log level can be configured for each of those sub-systems.

If you are familiar with reading the RADIUSaaS' [raw log data](/admin-portal/insights/log.md) and have already identified a set of  messages that are of interest for you, you can very easily derive from those messages the suitable filter settings for export. Therefore, below table provides a mapping from the log message origin (sub-system) to the `tags` property as well as from the log level to the `level` property of each log message.

| Filter               | Tag      | Level                                                                                                                                 |
| -------------------- | -------- | ------------------------------------------------------------------------------------------------------------------------------------- |
| Rule Engine          | `engine` | <p>Success = <code>INFO</code><br>Failed = <code>WARNING</code><br>Error = <code>ERROR</code></p>                                     |
| Authorization System | `detail` | <p>Requests = <code>debug</code><br>Success = <code>info</code><br>Failed = <code>warning</code><br>Error = <code>error</code></p>    |
| Proxy Authentication | `proxy`  | <p>Connections = <code>debug</code><br>Success = <code>info</code><br>Failed = <code>warning</code><br>Error = <code>error</code></p> |

<figure><img src="/files/NMsHBjqdG6LRgqGrhgq6" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/WYZ47IhKOlRIgZvpE7nq" alt=""><figcaption></figcaption></figure>

## Message

No matter which target type(s) you have selected, you will have to edit the data template describing how the export message should be structured using **Jinja2** as template engine:\
<https://jinja.palletsprojects.com/en/3.1.x/templates/>

The Log Exporter has access to every field in a log message that is hierarchically located under the`_source` property. It is made available through the `data` object in the **Message** editor.

<figure><img src="/files/hTtlvDkqgM5NvIyckN1s" alt=""><figcaption></figcaption></figure>

<figure><img src="/files/0YWY6niOdj6l8mwQrrU0" alt=""><figcaption></figcaption></figure>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.radiusaas.com/admin-portal/settings/log-exporter.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.