The present invention relates to the field of problem determination and, more particularly, to utilizing log event ontology to deliver user role specific solutions for problem determination.
Many application server environments are typically comprised of a collection of distributed applications which can interact with each other and the environment numerous and complex ways. In these environments, when applications fail, problem determination data (e.g., error events) can be generated which can be used to debug the application failure during the problem determination process. One problem with utilizing debug determination data however is that the problem determination data generated by each application cannot be easily correlated. That is, each application's problem determination data can only provide a partial view of the overall failure.
In these application server environments, problem determination data can be typically recorded to application specific error logs. Frequently, these logs can exist in multiple locations and/or formats within the environment such as within application specific directories, vendor specific implementation formats, and specialized logging service locations. Further, error logs can comprise of logging information unrelated to error events including system diagnostic information, hardware information, etc. In many instances, system administrators are required to manually disregard irrelevant information during problem determination procedures. Consequently, the time cost attached to problem determination can increase considerably.
Additionally, many times event logs can be cryptic in that the logs can include little information about the error which occurred. In one instance, event logs can present error codes when an error event occurs, often times which are application specific. As a result, administrators are required to manually debug the error event utilizing a myriad of information sources (e.g., application error code manual, wikis, etc). Further, it is not uncommon for error events to generate multiple separate logging events in one or more locations. In this instance, a set of seemingly unrelated error messages can be linked to a single error event. In these scenarios, system administrators must perform complex auditing techniques to determine the cause of an error event. That is, administrators are forced to manually identify and evaluate relevant error information. These auditing techniques frequently lead to delayed problem determination results and administrator frustration.