| STT | Loại log | Trường cần log | Nguồn | |
| 1 | Application log | service (eg: topkid-feedback-prod) timestamp message log_level (eg: ERROR) | kafka | app-* |
| 2 | NGINX ingress access log | @timestamp client_ip docker.container_id http_host http_method http_path http_referer http_user_agent request_time status upstream_addr upstream_connect_time upstream_header_time upstream_response_time upstream_status user_id user_name user_role app_os app_uuid app_version | ? | ingress-access* |
| 3 | NGINX ingress error log | @timestamp docker.container_id host log_level message | ? | ingress-error* |
| 4 | MYSQL slow log | timestamp (start_time) query_db query_host query_ip query_lock_time query_rows_affected query_rows_examined query_rows_sent query_sql query_time query_user | rsyslog | mysql_slow-* |
| 5 | MYSQL error log | timestamp sysloghost loglevel message | rsyslog | mysql-* |
| 6 | Server AUTH log | sysloghost timestamp message ssh_authmethod ssh_authresult ssh_client_ip ssh_protocol ssh_user | ? | auth-* |
| 7 | Server COMMAND log | sysloghost timestamp message user command procid programname | ? | command-* |
| 8 | Server FIREWALL log | sysloghost timestamp ufw_action ufw_dest_ip ufw_dst_port ufw_interface ufw_mac ufw_out_interface ufw_protocol ufw_src_ip ufw_src_port ufw_tcp_opts message | /var/log/ufw.log | firewall-* |
| 9 | Server log | sysloghost timestamp message log_level procid programname | /var/log/message /var/log/syslog | rsyslog-* |