15
SMART LOG ANALYSIS A General Framework and SMB Prototype Windows Serviceability Tim Burke, Kishore Chintalapati (manager) Mike Tiberio (coach), Apurva Sharma, Samarth Shetty Badilaguthu

Smart Log Analysis

Tags:

Embed Size (px)

DESCRIPTION

 

Citation preview

Page 1: Smart Log Analysis

SMART LOG ANALYSIS

A General Framework and SMB Prototype

Windows ServiceabilityTim Burke, Kishore Chintalapati (manager)

Mike Tiberio (coach), Apurva Sharma, Samarth Shetty Badilaguthu

Page 2: Smart Log Analysis

TALK OVERVIEW

Problem Space Current Approaches Design Objectives My Project: Smart Log Analysis and SMB Prototype Benefits Future Plans Demo

Page 3: Smart Log Analysis

PROBLEM SPACE

Multiple Data Sources Multiple Tools (Netmon, Perfmon, Notepad,

…) Difficulty in correlating different source

Information Overload Manual Analysis Knowledge Loss

Page 4: Smart Log Analysis

CURRENT APPROACHES

Open Notepad Open NetMon Repeat The Nuclear Option

Perl Grep

Credit: Eric Roode

\b(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\b

http://www.regular-expressions.info/examples.html

Page 5: Smart Log Analysis

THE RADIANT FUTURE

Network Captures ETW Traces Custom Logs

Smart Analysis Framework

Viewer Automatic Analysis

Page 6: Smart Log Analysis

DESIGN OBJECTIVES

A unified way of viewing, searching, and analyzing data

Easily track and highlight relationships among data.

Group data into high-level operations Extensibility and Flexibility

Page 7: Smart Log Analysis

DESIGN CONSIDERATIONS

Data is data, independent of the source Data consists of sets of named values Modular Easy rule creation Performance and Scalability Developer focused

Page 8: Smart Log Analysis

MY PROJECT

Framework Viewer Prototype Text Rule Editor

From Logs From Source

Extensible Component Agnostic Scalable Embeddable

Page 9: Smart Log Analysis

THE FRAMEWORK

Storage Plugins

Provider RulesFile Format Plugins

Log Viewer

Query Engine

SQL Server

Parsed Data

Log Parser

ETW Parser

Windows Events

Etc.

RDR

SRV

Log FIles

Config Files

Custom Storage

Parsed Data

Storage Manager

Format Engine

CLR Adapter

Formatting Rules

Saved Queries

Page 10: Smart Log Analysis

LOG VIEWER

Boolean expression filters Filter based on any tag or value Similar to Netmon filters

Procedural queries Data correlation Complex scenarios

Custom formatting

Page 11: Smart Log Analysis

TEXT LOG RULE EDITOR

Easy creation of parsing rules From text logs From source code

Preview rule effects

Page 12: Smart Log Analysis

BENEFITS

Allows quicker, easier debugging Automates common analysis tasks Merges data sources to allow cross-

source analysis.

Page 13: Smart Log Analysis

FUTURE PLANS

Complete the prototypes Implement more log parsers (Netmon,

…) Have component experts create rule

sets Implement automatic analyses on top

of the framework Integrate with other tools for capturing

data like MSDT

Page 14: Smart Log Analysis

DEMO

Page 15: Smart Log Analysis

QUESTIONS?


2G Log file analysis

2G Log file analysis

Documents
Re Log Analysis Manual

Re Log Analysis Manual

Documents
RELogAnalysis Well Log Analysis - Comport Cocomportco.com/resys/RELogAnalysisManual.pdf · RELogAnalysis Well Log Analysis Users Manual ... Importing Log Data Of course a project

RELogAnalysis Well Log Analysis - Comport Cocomportco.com/resys/RELogAnalysisManual.pdf · RELogAnalysis Well Log Analysis Users Manual ... Importing Log Data Of course a project

Documents
Part 7a - Manual Log-Log Analysis WBS IARF Model

Part 7a - Manual Log-Log Analysis WBS IARF Model

Documents
OLAT Log Analysis

OLAT Log Analysis

Documents
HSPA Log Files Analysis

HSPA Log Files Analysis

Documents
Web Log Data Analysis: Converting Unstructured Web Log

Web Log Data Analysis: Converting Unstructured Web Log

Documents
5_3G Log Files Analysis

5_3G Log Files Analysis

Documents
Petrophysics Well Log Analysis

Petrophysics Well Log Analysis

Documents
Log Frame Analysis

Log Frame Analysis

Documents
Qualitatif Log Analysis-slim.pdf

Qualitatif Log Analysis-slim.pdf

Documents
Query Log Analysis

Query Log Analysis

Documents
Hadoop For OpenStack Log Analysis

Hadoop For OpenStack Log Analysis

Technology
TA19 VI3 Advanced Log Analysis

TA19 VI3 Advanced Log Analysis

Documents
Cloud Log Analysis and Visualization

Cloud Log Analysis and Visualization

Technology
6810509 Log Frame Analysis

6810509 Log Frame Analysis

Documents
Towards structured log analysis

Towards structured log analysis

Technology
Log File Analysis - Dom¯

Log File Analysis - Dom¯

Documents
Scan Log of Virus (Smart Scuraty)

Scan Log of Virus (Smart Scuraty)

Documents
SAP BusinessObjects BI4 Log Analysis

SAP BusinessObjects BI4 Log Analysis

Documents
[p.T] Basic Well Log Analysis

[p.T] Basic Well Log Analysis

Documents
Visual Log Analysis - DefCon 2006

Visual Log Analysis - DefCon 2006

Technology
Spectral line analysis: log g

Spectral line analysis: log g

Documents
Log Analysis At Scale

Log Analysis At Scale

Technology
Log Analysis Engine with Integration of Hadoop and Spark · previous versions of log analysis tools. In this paper, we Key Words: Log, Weblog, Hadoop, Spark, Log analysis. 1. INTRODUCTION

Log Analysis Engine with Integration of Hadoop and Spark · previous versions of log analysis tools. In this paper, we Key Words: Log, Weblog, Hadoop, Spark, Log analysis. 1. INTRODUCTION

Documents
Semi-Log Analysis

Semi-Log Analysis

Documents
Log aggregation and analysis

Log aggregation and analysis

Technology
Basic Well Log Analysis

Basic Well Log Analysis

Documents
Log File Analysis in GSM

Log File Analysis in GSM

Documents
LogFile Auswertung (log analysis)

LogFile Auswertung (log analysis)

Technology