Integrating Log Data and Performance Metrics

Runtime: 2:26 Posted: January 9th, 2015

Effectively integrating log data and performance metrics within a network offers big benefits. Not only does it greatly reduce the time needed to resolve critical issues, but it also makes it simpler to distribute data to customers and developers.

Video transcript:

One of the most important things to think about with log analytics and looking at infrastructure analysis, right, is that if I can get that data and marry it up with other data that drives the performance metrics, that’s really powerful, because if I’m dealing with a log analyzer that pulls the data in, and I can look at individual components, log data for individual components, even if it level-sets the field with respect to those individual components, I still have to take a look at all my NetFlow data and my SNMP data and then manually make those correlations, unless I’ve got a really good business analytics engine, and that takes a lot more effort. So if I can get a fully integrated approach to this, it really simplifies my availability to give that data to my customers and developers, and it also improves my time to market, because I haven’t got to worry about integrating a solution. It already comes to me pre-integrated.

If I do a code drop and we have severities, right, that’s another one that we bring to bear. So I can take a look, and my developers want to see their data right off the bat. They want to take a look at their log data. We don’t typically allow them to have direct access to that, because I don’t want people in messing around with my production servers. So the first thing we have to do is we copy all of our data off. Right, we package it up and we send it off to them in an e-mail. Half an hour later they’re analyzing through the data. With our log server I can give them direct, full based access to their data. They don’t get access to the server, but I can protect, even from developer to developer or from system to system. I can protect that data using my LDAP authentication to do role-based access, and so instead of waiting that half an hour for them to get the data and then another half hour for them to do the analytics, I’m resolving severity issues in 15 minutes as opposed to waiting that one hour while I’ve got services critical that are down.

Any time you can put that log data together with meaningful statistics on the network, that’s powerful.

Written by Eric Sharpsten

Eric Sharpsten provides technology oversight for the CMS Services' IT Infrastructure, including support for three data centers, LAN/WAN infrastructure, and endpoint computing services across the US and Puerto Rico. Eric is an IT leader with over 15 years of experience in the design and development of real-time, mission-critical systems for the defense and intelligence sectors.