Computer network servers typically create log files which track various activities and applications on the server, for example events that occurred when booting the server, recording client access to the server, and backing up files on the server. Typically if a problem occurs an administrator can access the log files and retrieve information, which can be analyzed to determine the cause of the problem, so that it can be dealt with.
In an enterprise network, the organization typically has many servers distributed in various geographical locations. Each server may create multiple log files for different types of processes and each log may be in a different form.
The organization may have an administrative body that deals with maintaining the network. Generally the common method of utilizing the log files from a remote server is one of the following:
1. If a problem occurs an administrator accesses the remote server and reviews the log files to determine the source of the problem.
2. If a problem occurs a local user runs a program to collect the log files and transmit them to the administrator.
3. The remote server redirects the log file, so that the log files are physically written to the administrator's file system. If a problem occurs the administrator can view the log files locally.
4. The remote server analyzes the local log files and only transmits details related to the problem (e.g. specific lines from the log files) or a message explaining the problem to the administrator based on the information in the log files.
These methods provide answers to specific problems however they lack scalability. If there are multiple servers, each server needs to be handled individually. In some cases not all of the servers use the same operating system. Additionally, the methods currently used in the art do not provide an automatic solution that can warn about future problems and provide advice for dealing with current problems in an enterprise network with many servers.