Log Alerting, Anomaly Detection and Scheduled Reports

Tired of tail -F /your/log/file | egrep -i 'error|exception|warn'?
It’s common for devops to keep an eye out for errors in logs by running tail -F or to manually look for unusual application behavior by looking at logs in their terminal. The problem is that this gets tiring, boring — and even impossible — as the infrastructure grows.  If you think about this from the business perspective: it gets expensive.  Or maybe you automate things a bit via cron jobs that cat, grep, and mail errors, or maybe SSH to N remote servers to do that, etc.?  You can do this only for so long.  It doesn’t scale well.  It’s fragile.  Not the way to manage non-trivial infrastructure.

So what do you do?

First, consider using a centralized log management solution like Logsene instead of leaving log files on your file system. Alternatively, you can choose to run & maintain your own ELK stack, but then you won’t get what we are about to show you out of the box.

Saved, Alert & Scheduled Queries
We’ve created a 3-part blog series to detail the different types of Queries that Logsene lets you create:

  1. Saved Queries: queries that you’ve saved, so that you can later just execute them instead of writing them again
  2. Alert Queries: saved queries that are continuously running and that you configured to alert you when certain conditions are matched
  3. Scheduled Queries: queries that are executed periodically and that send you their output in the form of a log chart image

Put another way, using these queries means you can have Logsene’s servers do all the tedious work we mentioned above. That’s why we created computers in the first place, isn’t it?

It’s done in a few minutes, and how much time does it save you every day?

So, how about that tail -F /my/log/file.log | egrep -i 'error|exception|warn' mentioned earlier? If you’re getting tired of tailing and grepping log files, sshing to multiple servers and chasing errors in them, try Logsene by registering here. If you are a young startup, a small or non-profit organization, or an educational institution, ask us for a discount (see special pricing)!
