Field of the Invention
The present invention relates to log file analysis for computer troubleshooting and more particularly to log file reduction to facilitate log file analysis.
Description of the Related Art
System fault troubleshooting can be a task range from the simple to the complex. In the most basic computing system, fault troubleshooting can involve only the manual inspection of the state of one or two components of a computer and the operating system of the computer. In more complex network arrangement, however, where multiple computers are coupled to one another over different communicative linkages, each running different applications that in the aggregation provide a computing solution, troubleshooting a solution fault can be a daunting task. Consequently, systems administrators generally rely upon the different operational logs produced by the different computing resources of the solution in order to identify the source or sources of a system fault.
Over a period of time during which different resources of a computing solution are operational, log files can become voluminous depending upon the frequency of logging events. To facilitate the management of log files, log files can be indexed and managed using traditional database technologies. The indexing of log files provides for very fast access to different log entries, and more importantly, permits the keyword searching of the log files. To wit, when troubleshooting a solution fault, help desk personnel oftentimes utilize data provided by the end user to keyword search different log files seeking the pertinent records likely to provide clues as to the cause of the solution fault.
Keyword searching log files to pinpoint the source of a solution fault can be troublesome in the face of many log files each recording volumes of events. In particular, many log file entries and indeed some log files may pertain only to portions of a solution topology not relevant to the fault at hand. Yet, the end user still must process each keyword search result in each log file when keyword searching the various log files of the entire topology. Accordingly, the keyword searching of log files generally is one-dimensional in nature and can result in the most interesting and pertinent logged events being lost in a sea of irrelevant events.