Access Logs Viewer – Detect Anomalies
Once you’ve added the access log to XpoLog, you can start searching for anomalies.
This is done with the XpoLog log search interface.
XpoLog logs viewer features a Google-like interface to intuitively and quickly search for anomalies and be able to understand how to analyze and fix them.
All you need to do is type your search query (example follows) in the search field and view all anomalies/errors in a various set of graphs, along with lists that are dynamically real-time generated (see below).
Access Logs Viewer – Search Queries
We know that an access log present information about visitors to your website.
The next step would be to search for anomalies in visitors’ interaction w/ your website.
Let’s search for the top users engaging with your website or that have an inordinate number of visits.
That way we can perhaps detect bots traffic or most valuable potential customers and their geo-location.
Along the way, we will see errors occurred during these visits.
The following XpoLog Search query looks for the URLs with the most visits:
*in log.access* | count | group by url | order by count desc
Note – the * sign is an integral part of the search query
In the above screenshot taken from XpoLog logs viewer, we see the heaviest visited pages: Homepage, Download and /logeye/ pages.
Now, lets continue and disregard the Home and the Download pages, and focus on the page with the most visits.
In this case it is the /logeye/ page (XpoLog Access Log Viewer and Manager main page).
In order to drill down into the /logeye/ page, just click on /logeye/ in the table below the graph (marked in red in the screen shot above) and XpoLog Access Log Viewer will automatically create the following search query:
url = “/logeye/” IN log.access*
Also XpoLog Access Logs Viewer will dynamically generate the following view:
We can now see that in June there were 3 HTTP status code errors, 500, 501, and 404 for /logeye/ (internal server error and page not found).
Having these critical errors and anomalies detection at a main business process page is of an utmost importance to a website owner.
Now you are able to zero-in on the root cause analysis (RCA) of these anomalies in the access logs with the below table and XpoLog access log analyzer and fix them before new users will experience the same or additional errors.
Since then, this page has not experienced significant errors, which makes sense considering it is the (3rd) most visited page.