LOG File Monitoring and Analysis

 Home  Previous  Next

Monitoring Studio Express enables you to monitor the presence, size, growth and security of a LOG file and also parse the content of the file.

What you can do with this tool

The LOG File Monitoring and Analysis tool is one of the most important tools within BMC Performance Manager Express Monitoring Studio tool-set. It allows you to:

Monitor the main characteristics of these files such as: Presence, size, growth & security

How it works (summary)

Application activity is usually recorded in LOG files, which is why LOG files are of extreme importance as they trace all operations.  Monitoring and analyzing LOG files enables identification and notification of errors or anomalies. LOG files keep growing in size, as activity is constantly logged in. Monitoring Studio Express renders easier analysis of large LOG files and its LOG file string search feature enables you to run searches only on the newly appended lines.

The basic steps to monitor and analyze a LOG file are:

1.Specify the LOG file or indicate the path to the directory that holds it
2.Select where the parsing should take place: On the managed element or on the RSM.
When the parsing is done on the RSM, the impact it has on the network traffic will depend on file size/growth of file. When the parsing is done on the managed element, the amount of CPU usage on the managed element will depend on the file size and growth of file.
3.Setup a string search or numeric value extraction to fine-tune the monitoring.

Behind the scenes

On Windows

The connection is established with the remote element through WBEM (WMI)
If a wildcard is used for the file name, then it is the Win32_Directory class looks for the most recently modified file.
The Win32_DataFile class is used to collect all the file-related data.
The values or information is displayed in the Portal interface through the various parameters

On UNIX/Linux

The connection is established with the remote element via SSH or Telnet
If a wildcard is used for the file name, then the command "find" is used to get the most recently modified file.
The command "ls" is used to find all the file-related data.
The values  or information is displayed in the Portal interface through the various parameters.

Parameters

Access Rights
Exists
Growth Percentage
Growth Speed
Group
Last Modified
Monitored File
Owner
Size

Note Details of parameters and alert conditions are stated in the Reference Guide.