Field of the Invention
This invention relates to apparatus and methods for efficiently managing and analyzing log information.
Background of the Invention
Many systems produce logs to record events taking place during their execution. Such logs provide an audit trail that can be used to understand the activity of the systems and/or to diagnose problems. Nevertheless, such logs often use terminology, codes, and/or messages that are esoteric and difficult to understand, particularly for the untrained user. Such logs may also be very extensive and therefore difficult to manage and search to find desired information.
Currently, there is no universal method or technique to view and manage logs. The methods and techniques that do exist are typically very limited and product-specific. For example, existing methods and techniques may include using the built-in Linux® file editor or Windows® Notepad to view and manage log information. There are also a large number of third party tools and applications available on the Internet to view and manage log information. However, the ability to quickly parse through, sort, and/or seek out specific information in logs using existing tools is extremely limited.
Due to the lack of available tools, some teams of programmers/developers have developed basic search and reference functions that pull from a database of known issues and errors. These functions may sort through log files to find common strings that may then be identified as known issues to a customer or technician. A number of problems arise from these functions due to the lack of uniformity in their design and the necessary tailoring per product per log file. For example, in order for log file X to be referenced and sorted, database X must already exist and be kept up-to-date. If another log file Y comes along after log file X, a new database Y must be created to enable referencing and sorting of log file Y. The same issue occurs when changing from one product (e.g., application or device) to another. Short of multiple developers producing multiple databases and maintaining these databases whenever log file changes occur, there is very little chance for a uniform solution using these existing techniques.
In view of the foregoing, what are needed are apparatus and methods to more efficiently manage and analyze log information. Ideally, such apparatus and methods will provide a uniform solution for multiple log files and/or products. Such apparatus and methods will also ideally be continually improved by frequent usage and require little developer attention after initial creation.