File Connector

Overview

The File connector monitors and collects log data from files and directories on hosts where Edge Delta agents are deployed. It tails log files, watches for new files matching patterns, and streams content into Edge Delta Pipelines for analysis by AI teammates through the Edge Delta MCP connector.

When you add this streaming connector, it appears as a File source in your selected pipeline. AI teammates access this data by querying the Edge Delta backend with the Edge Delta MCP connector.

Add the File Connector

To add the File connector, you specify file paths or glob patterns to monitor, then deploy to an environment.

Prerequisites

Before configuring the connector, ensure you have:

• Edge Delta agent deployed with read access to log files
• Log files or directories accessible from the agent host
• File paths or glob patterns identified for monitoring

Configuration Steps

1. Navigate to AI Team > Connectors in the Edge Delta application
2. Find the File connector in Streaming Connectors
3. Click the connector card
4. Configure the Path with file location or glob pattern
5. Optionally add File Exclude patterns
6. Select a target environment
7. Click Save

The connector is now monitoring files and streaming content.

Configuration Options

Connector Name

Name to identify this File connector instance.

Path

Full path to the file(s) to monitor. Supports wildcards and glob patterns for matching multiple files.

Format: Absolute or relative path with optional wildcards

Examples:

• path/to/your/log/files/*.log - All .log files in directory
• /var/log/application/*.log - Absolute path with wildcard
• /var/log/nginx/access.log - Specific file
• /var/log/**/error.log - Recursive pattern matching

File Exclude

Optional list of file patterns to exclude from monitoring. Supports regex patterns to filter out unwanted files.

Format: File path or regex pattern

Examples:

• path/to/your/log/files/dev.log - Exclude specific file
• .*\.gz - Exclude compressed files
• .*/archive/.* - Exclude archive directories

Advanced Settings

Metadata Level

This option is used to define which detected resources and attributes to add to each data item as it is ingested by Edge Delta. You can select:

• Required Only: This option includes the minimum required resources and attributes for Edge Delta to operate.
• Default: This option includes the required resources and attributes plus those selected by Edge Delta
• High: This option includes the required resources and attributes along with a larger selection of common optional fields.
• Custom: With this option selected, you can choose which attributes and resources to include. The required fields are selected by default and can’t be unchecked.

Based on your selection in the GUI, the source_metadata YAML is populated as two dictionaries (resource_attributes and attributes) with Boolean values.

See Choose Data Item Metadata for more information on selecting metadata.

File-specific metadata included:

• ed.filepath - Full path to the file being monitored
• ed.filepath.glob - Glob pattern used to match the file

Rate Limit

Rate limit configuration to control maximum data ingestion volume from files and manage processing capacity.

Target Environments

Select the Edge Delta pipeline (environment) where you want to deploy this connector.

How to Use the File Connector

The File connector integrates seamlessly with AI Team, enabling analysis of log data from files across your infrastructure. AI teammates automatically leverage the ingested data based on the queries they receive and the context of the conversation.

Use Case: Application Log Monitoring

Monitor application logs across multiple hosts to track errors, performance issues, and user activity. AI teammates can analyze log patterns, identify error spikes, and correlate issues across application instances. When combined with PagerDuty alerts, teammates automatically query recent application logs during incident investigation to identify root causes.

Configuration: Path: /var/log/application/*.log, File Exclude: /var/log/application/debug.log

Use Case: Web Server Access Log Analysis

Collect access logs from web servers like Nginx or Apache to analyze traffic patterns, identify suspicious activity, and track performance metrics. AI teammates can detect anomalies in request patterns, identify bot traffic, and analyze endpoint performance across your server fleet.

Configuration: Path: /var/log/nginx/access.log*, File Exclude: /var/log/nginx/access.log.*.gz (exclude rotated compressed logs)

Use Case: System Log Aggregation

Gather system logs from critical infrastructure components to monitor system health, track configuration changes, and identify security events. AI teammates analyze syslog data to detect authentication failures, system errors, and resource warnings, providing proactive infrastructure monitoring.

Configuration: Path: /var/log/syslog, File Exclude: /var/log/syslog.*.gz

Troubleshooting

No logs appearing: Verify file paths are correct and files exist (ls /var/log/application/*.log). Check Edge Delta agent has read permissions (ls -l /path/to/logfile).

Permission denied errors: Ensure Edge Delta agent user can read the files. Adjust file permissions if needed (chmod 644 /path/to/logfile).

Missing some log files: Check glob patterns match expected files. Verify exclude patterns aren’t filtering out desired files.

Duplicate log entries: Check that exclude patterns filter out rotated/compressed files (*.gz, *.bz2). Ensure no multiple connectors monitoring same files.

Rotated logs not detected: Connector follows active log files. Use glob patterns to match rotated files (e.g., /var/log/app.log*).

High memory usage: Limit the number of files monitored. Use exclude patterns to filter out unnecessary files. Adjust rate limiting settings.

Next Steps

• Learn about creating custom teammates that can use log data
• Explore the Edge Delta MCP connector for querying log data

For additional help, visit AI Team Support.