Log File Monitoring
Discover the capabilities
FREE NiCE Log File MP for Microsoft SCOM
Business critical applications write health and performance information to log files. These log files contain a most relevant data, but are hard to access.
The NiCE Log File MP is THE product to scan and analyze the information contained in your log files.
The NiCE Log File MP supercharges the log file analytic capabilities for your Windows servers monitored by SCOM.
Business critical applications write health and performance information to log files and this data is often left unattended and simply archived.
The NiCE Log File MP taps into the pool of information that is contained in the log files. The MP scans and analyzes the information contained in your log files. It provides more than 100 custom wizards to the SCOM Authoring console to create rules and monitors with ease. Additionally, all parts of the NiCE Log File MP leverage native SCOM capabilities and provide a powerful tool that analyzes log content in full detail.
The NiCE Log File MP lets you perform a multitude of functions that are critical in your role as system, application or database administrator.
- A powerful program execution interface to run scripts and programs
- An integrated interface which is part of the Microsoft Monitoring Agent
- A program that lets you define log file names as absolute paths
- A program that lets you set an alert on missing log files
- A set of custom authoring wizards which allow you to create;
- Alert Rules
- Performance Counters
- Unit Monitors
Analyzing the loglines contained in a log file is the core functionality of the NiCE Log File MP – see a very ‘NiCE’ blog post SCOM 2012 – NiCE Log File Library MP Monitoring Robocopy Log File, which illustrates how the Log File MP works. The main use case for the Log File MP is to analyze individual log lines. The MP offers a number of key features that do exactly that.
Before any filter on the log line is applied, the line can be split or matched strings can be replaced in memory. The logic of replacing, matching and splitting log line content follows the “Regular Expression Language”.
The use cases and requirements for the NiCE Log File MP are manifold. Interestingly, analyzing log files also includes looking for lines that do not exist.
Some systems write health information in log files in regular intervals. Ideally you want to receive an alert if the logline indicating the heartbeat information is missing, as that could also mean that the application system is hanging and the log file is not updated. The NiCE Log File MP lets you set an alert on missing log files.
Go beyond simple log file reading
The NiCE Log File MP includes a powerful program execution interface that can run scripts and programs to create, extract, and modify logs from proprietary event and log file sources.
This agent-based program execution interface expands the usage of the NiCE Log File MP beyond just reading log files. This execution interface is part of a “Managed Module” to the Microsoft Monitoring Agent (MMA), thus, it is truly agent based. It provides the best possible performance and no additional installation is required. As all processes run as sub-processes of the MMA, the SCOM security concept is fully applied using SCOM actions account and run as configuration.
Correlate your log files
With the NiCE Log File MP, you can correlate your log files, for example, an ERP system writes information in the log about a job being dispatched. Per requirement, the dispatched job must be completed after a certain time. As such, you will need to look for the log line that contains the job ID and indicate the job completion.
As each logline typically contains a timestamp, the time interval between the two log entries can be measured. If the time span between the two loglines exceed a certain threshold, an alert should be triggered. The NiCE Log File MP is the perfect solution in this example. The “correlated” Log File MP Wizard can be used to easily create such “SCOM Alert” rules.
Although Microsoft included a number of useful features in their out-of-the-box SCOM offering to analyze text log files, it does come short in cases where files require pre-processing or log line correlation or some other use cases that are required to monitor business critical logs. Some examples follow below:
Use Case 1
The NiCE Log File MP enables you to monitor manufacturing systems. It is clear that most event older manufacturing systems write all core information to logs. All of these logs are typically proprietary to the vendor. The NiCE Log File MP monitors these critical manufacturing systems – however, in some cases it may be required to create a custom pre-processing script.
Use Case 2
The NiCE Log File MP enables you to monitor your application system. Say you have a Java log file or an Application log file – any type of logs in ASCII format are supported. This can be an extracted CSV file, text file, or dump file. The wizards that are included with the Log File MP allow you to easily create an alert rule or a unit monitor for monitoring.
In a nutshell
- Set the log file directory using a regex pattern with no restrictions
- Reduce complexity with easy-to-read and easy-to-access web-based reports
- Customize behavior if a log file does not exist
- Work smarter by correlating your log lines
- Microsoft System Center Operations Manager 2012 (SP1, R2) or 2016
- .NET 3.5.1 Windows Server or later
NiCE Solutions for Microsoft SCOM
NiCE is your one stop shop for sophisticated application monitoring solutions