{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 再贱就再见 的问题《Is there a log file analyzer for log4j files?》','https://www.manongdao.com/q-179915.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am looking for some kind of analyzer tool for log files generated by log4j files. I am looking something more advanced than grep? What are you using for log file analysis?
I am looking for following kinds of features:
- The tool should tell me how many time a given log statement or a stack trace has occurred, preferably with support for some kinds of patterns (eg. number of log statements matching 'User [a-z]* logged in').
- Breakdowns by log level (how many INFO, DEBUG lines) and by class that initiated the log message would be nice.
- Breakdown by date (how many log statements in given time period)
- What log lines occur commonly together?
- Support for several files since I am using log rolling
- Hot spot analysis: find if there is a some time period when there is unusually high number of log statements
- Either command-line or GUI are fine
- Open Source is preferred but I am also interested in commercial offerings
My log4j configuration uses org.apache.log4j.PatternLayout with pattern %d %p %c - %m%n but that could be adapted for analyzer tool.
I have created a custom tool for that: https://plus.google.com/u/0/102275357970232913798/posts/Fsu6qftH2ja
I'd suggest Splunk. It provides fast, Google-like searching across lots (terabytes) of logs, is easy to filter (e.g. by log level or date), makes it easy to correlate into transactions of multiple related log events, etc.
There's a downloadable version that's free as long as you're indexing less than 500MB of logs per day.