I'm wondering what everyone is using for logging, log management and log aggregation on their systems.
I am working in a company which uses .NET for all its applications and all systems are Windows based. Currently each application looks after its own logging and notifications of failures (e.g. if app A fails it will send out its own 'call for help' to an admin).
While this current practice works it's a bit hacky and hard to manage. I've been trying to find some options for making this work better and I've come up with the following:
- log4net & Chainsaw (ah, if it works).
- Logging via log4net or another framework into a central database & rolling our own management tool.
- Logging to the Windows event log and using MOM or System Center Operations Manager to aggregate and manage each of these servers & their apps.
- A hand-rolled solution to suck all the log files into one point and work some magic across them.
Essentially what we are after is something which can pull log entries all together and allow for some analytics to be run across them, plus use a kind of event based system to, for example, send out a warning email when there have been 30+ warning level logs for an application in the last x minutes.
So is there anything I've missed, or something someone else can suggest?
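The alert rule described in the question (30+ warning-level entries for one application within the last x minutes), as an added example that is not part of the original post or of any product named in this thread. It assumes log4net's `%date [%thread] %-5level %logger - %message` pattern, that the first logger segment names the application, and that each application's lines arrive in time order; the sample lines are constructed.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log4net PatternLayout: "%date [%thread] %-5level %logger - %message"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d{3} "
    r"\[[^\]]*\] (?P<level>[A-Z]+)\s+(?P<logger>\S+) - .*$")

def parse(line):
    """Return (timestamp, level, app), or None for lines that do not match."""
    m = LINE_RE.match(line)
    if not m:
        return None  # e.g. stack-trace continuation lines
    ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
    return ts, m["level"], m["logger"].split(".")[0]  # assumption: app = first segment

def warning_bursts(lines, threshold=30, window=timedelta(minutes=5)):
    """Yield (app, timestamp, count) once when an app reaches `threshold` WARN
    entries inside `window`; re-arm when its count drops below the threshold."""
    recent = defaultdict(deque)  # app -> timestamps of WARN entries still in window
    alerted = set()              # apps with an alert currently outstanding
    for line in lines:
        rec = parse(line)
        if rec is None or rec[1] != "WARN":
            continue
        ts, _, app = rec
        q = recent[app]
        q.append(ts)
        while q and ts - q[0] > window:  # evict entries older than the window
            q.popleft()
        if len(q) < threshold:
            alerted.discard(app)
        elif app not in alerted:
            alerted.add(app)
            yield app, ts, len(q)  # hook the e-mail notification here

def sample_lines():
    """Constructed sample: Billing warns every 5 s, Orders once a minute."""
    start, out = datetime(2024, 1, 15, 10, 0, 0), []
    for i in range(40):
        t = start + timedelta(seconds=5 * i)
        out.append(f"{t:%Y-%m-%d %H:%M:%S},000 [7] WARN  Billing.Invoice - retry {i}")
    for i in range(10):
        t = start + timedelta(minutes=i)
        out.append(f"{t:%Y-%m-%d %H:%M:%S},000 [3] WARN  Orders.Api - slow call")
    return out
```

Tracking which applications already have an outstanding alert keeps a sustained burst from sending one e-mail per log line.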
L4ndash: log4net log viewer with free developer version.
It depends on your needs. If, for example, you're running a data center and are mostly concerned with real-time alarming, then you might want to look at Avicode. It's very capable, but can be pricey.
If, on the other hand, you're supporting desktop applications or logs from remote systems, or are more concerned with offline log analysis then you might take a look at Gibraltar. It provides a nice combination of logging, log management and log aggregation/analysis capabilities. But, to be honest, I'm a bit partial -- I'm one of the Gibraltar developers.
We are using ErrorsDigest Simple real time errors aggregation.
First, use an established and widely used logging framework like log4net or NLog.
Both of the logging frameworks can send log messages to multiple destinations, e.g. to a log file, a network stream (TCP or UDP) or a database.
Then use a log viewer like Log4View to visualize and filter the log messages. If you use Log4View, please make sure that you create XML formatted log files. Although Log4View can also parse (human readable) pattern formatted log files, XML formatted log data is easier to configure and faster to parse.
Check the Microsoft Log Parser and examples. The log parser can handle xml, csv as well as Microsoft event log, registry and can send information to 'syslog' servers.
From the example screenshot this seems to be a really useful tool.
I think we've got something very close to what you're looking for. logFaces is a log server, aggregator and viewer. It's built particularly for larger distributed applications and multi-user environments. We put together all the good stuff from Apache logging services and made an out-of-the-box solution for those who use log4j, log4net, log4cxx or even log4python. logFaces can work with major database brands and will let you quickly dig out the issues from the flood of log data which is very common in large applications. It will also let you see the slices of your system (log-wise) in real-time. There are many more features, feel free to give it a try. If you like I can help you with setup directly, although it's very simple to get started just after watching the demos we have.
Disclosure: I am the author of this product.