Log Files

In a false positive, why are you asking for a log file lines, I thought you would be able to find them yourself?

For security reasons (and simple logistics) SNF nodes only send us compiled statistics on system performance -- this is sufficient for our system to understand the performance of each rule, but does not expose your detailed logs to us -- for many folks that's important. The data that we receive in telemetry is very similar to what you see in your status.minute data. We used to collect log files, compile rule performance data from them, and then throw the rest away. With the new SNF the rule activity histogram and other performance data are pre-compiled and only the result is sent to us in telemetry.