Automated Log Visualization – Working with XpoLogs’ Apps
CHAPTER 10
XpoLogs offers an automated log visualization and extraction of log data insights.
XpoLog contains an extensive log analysis apps marketplace, with pre-built “apps”.
- Learn what our log analysis apps marketplace can offer you.
What is a log analysis app and how does it visualize log data?
A log analysis app is a collection of dashboards based on a specific type of log.
These dashboards represent a critical insight into the log’s events.
For example, an XpoLog app for a web server may include:
- A dashboard showing geo-locations of oncoming connections.
- Another dashboard may show a high-level, aggregated picture of different types of errors captured in the logs.
- Another one contains bandwidth or browser and OS statistics.
Together, these dashboards form an “app” for that web server.
Automating Log Visualization with Log Analysis Apps
Introduction to XpoLogs’ Apps Marketplace
XpoLog apps are available from the “app marketplace”, which is a repository of free apps made available by XpoLog engineers.
To access the apps marketplace:
- Click on the “APPLICATIONS” menu on the top menu bar in XpoLog interface:
- From the marketplace, users can access recently viewed apps, create custom apps or import a custom app’s configuration. To go to the app marketplace, click on the Marketplace
- This opens the Marketplace menu:
- Users can access apps for different platforms and systems from this menu. The image below shows a small number of apps:
Install an app – immediate log visualization
To preview an app, click on its icon, a dialog box will appear with a preview.
The preview will describe the app’s functionality and the dashboards that are available.
The image below shows the Apache Httpd app’s preview:
To install the app, click “SETUP”, this will open a setup wizard.
The first part of the wizard asks about:
- The default time window for the dashboards (default is last 24 hours).
- The data sources accessed by the dashboards. It is possible to display data from specific Apache web servers by choosing the sources in the wizard.
The second part of the wizard allows us to choose the dashboards to be installed.
By default, all dashboards are selected:
With the choices made, click “DEPLOY” near the bottom of the wizard screen.
A message box will be shown when the app is deployed.
TIP: please note that if no notification method has been configured in XpoLog and the checkbox “Get notified when all dashboards are complete” is enabled, the “Go to App” button will remain inaccessible.
Clicking on “Go to App” will open the app’s main page with the default dashboard loaded.
From “DASHBOARDS” menu, a user can navigate to any of the installed dashboards.
From “App Settings”, it’s possible to edit the app’s configuration, add new dashboards, export the app’s config (so another XpoLog system can import it), or import another dashboard’s config (so that it can be added to the current app).
The image below shows the process of importing dashboard configuration.
Here, three values are added for “Log Type”: “apache”, “access”, and “httpd”.
A custom parsing rule is used:
Once the data is ingested successfully, you can go to any dashboard of the app and choose a time period:
Also, there is a section near the top of each dashboard screen that allows setting up specific filters.
In the image below, one such filter is used in the “Http Errors” dashboard.
Once you click “APPLY”, The dashboard will show results for the chosen time period and filter.
Individual graphs and charts in a dashboard are called gadgets.
An example of a gadget is shown below.
The “URLS by Errors” gadget is showing the number of errors for different web pages:
Similarly, another gadget from the Geo Data dashboard shows the top countries generating web traffic:
Using Log Analysis Apps for Troubleshooting
Apps can be helpful for troubleshooting error conditions, security threats or performance bottlenecks.
Users can double click on a gadget and drill down to the relevant log in XpoLog’s search screen.
The search query can be then further fine-tuned as shown below:
It’s also possible to create custom apps with dashboards displaying logs from different servers of a stack.
Such powerful features make XpoLog an ideal tool for DevOps engineers, IT Ops, and security specialists.
Conclusion
XpoLogs’ out-of-the-box log analysis apps makes log visualization and investigation fast and easy.
You can find crucial insights, analytics and stats about many different types of logs, using our ready to use dashboards.
So why search when you can app?
All chapters:
