The Challenge: Log information overload
Any Operations Support person can tell you, one of the challenges of the job is making use of logfiles to help keep abreast of potential problems.
However, if you have ever sat in front of a NonStop Viewpoint or EMS console display, you would know that the amount of messages that scroll by is impossible for one to read, let alone analyze.
Or open up any application disk log file, and I can bet you that there are tons of messages in there that no one knows what they mean. Except maybe the person who wrote the program. See if this scenario sounds familiar:
Operation: “I just saw this message in the log. What should I do with it?
Developer: “Oh, don’t worry about it. It’s just a debugging statement.”
Operation: “What about that one?”
Developer: “You can ignore that one too. It’s just an informational statement.”
Log Messages are not important!
Making Log Messages Meaningful
The major difficulty that arises is that logfiles serve purposes that demand two somewhat conflicting sets of requirements:
- Logs must be as detailed as possible, to help Development find very specific information about why and how something has happened.
- Logs must be understandable and simple enough to facilitate the Operation’s and Technical Support’s job of actually making sense of them to respond in a timely manner
There is a better way – LogWatch
TIC’s Logwatch utility is designed to make a Support person’s job easier by doing some basic analyzing and display formatting for a wide range of logfile types. Logwatch can be easily configured to parse through your system’s OSS and Guardian logs to detect errors and raise alerts.Logwatch is easy to use and will work right out of the package to help you monitor OSS log files such as iTP Web Server logs and Java logs, or Guardian applications logs or EMS and VHS.
LogWatch allows you define what messages you are interested in, and filters out the rest for you.
Below is an example of how LogWatch can look for specific entries, e.g. [ERROR] in a very busy log file.
LogWatch can further extract relevant parts from the message, and add text to make it more meaningful.
” 2012-07-03 07:03:24 JAVA PROGRAM ERROR: getParamValue – SVBH-DCI-HEADER Contact Development “
The above line consists of EXTRACTED entries from the log message, plus ADDITONAL TEXT (underlined) added by LogWatch to make the log message less cluttered and more meaningful.
- Keep complete and detailed logs
- Plan ahead, and use filtering to minimize clutter when searching through logs for relevant information.
- Let LogWatch automate your Nonstop log monitoring without over burdening your EMS logs
Other Blogs you may be interested in
- Learning Modernization – Where to Start?
- Know your OSS Logs Part 1 – iTP Web Server
- Know your OSS Logs Part 2 – Java Servlet
Do you find this tutorial blog helpful? Let us know what you think, and how we can make it even better. Don’t forget, you can subscribe to our blogs (top right-hand corner) to get automatic email notification when a new blog is available.
Phil Ly is the president and founder of TIC Software, a New York-based company specializing in software and services that integrate NonStop with the latest technologies, including Web Services, .NET and Java. Prior to founding TIC in 1983, Phil worked for Tandem Computer in technical support and software development.