It has been a long time since I worked as an IT System Administrator (perhaps around the NT 4.0 era.). And it has been a few months now since I was with a company that hosts multiple products and had to gather all the stakeholders (sysadmin, dba, developers and others) in a troubleshooting session. As I recall, every time there was an issue with a product, we had to either have a conference call with the sysadmins, developers or dbas to comb through the logs trying to figure out where the problem resided or they had to send the logs or the location for me to download and to distribute the logs.
I remember before the conference call I would reach out to the sysadmin to figure out where the logs were kept so I could grab to analyze. The file would be huge (several giga bytes) and looked something like this from the download site:
I would then have to ask the database administrator to generate a csv file of a report with some required fields to get the data from the database.
There were several occasions where I would have to rely on my limited knowledge to get the data from the logs using some query like this:
SELECT TO_TIMESTAMP(date,time) AS LogTimeStamp, [s-ip], [cs-method],
[cs-uri-stem], [cs-uri-query], [s-port], [cs-username], [c-ip],
[cs(User-Agent)], [sc-status], [sc-substatus], [sc-win32-status],
[sc-bytes], [cs-bytes], [time-taken]
INTO W3SVC2 FROM C:\WINDOWS\system32\Logfiles\W3SVC1\ex040308.log
OR
SELECT * FROM Win32_NTLogEvent WHERE Logfile='Application' AND SourceName='MSSQLSERVER'
Is this even the correct way to query?
We have just released System Log Manager. System Log Manager gives your SharePoint administrators easy, customizable access to the vast library of system logs that are scattered throughout your system. It empowers administrators to sort through Windows, SQL, IIS, and SharePoint logs from one central interface, creating customized reports and filtering out irrelevant data without making complex system calls or relying on a command line.
Trying to isolate a problem? How would you like to be able to:
- Bypass the confusing file structure of system logs by accessing them from logical, organized tree structure.
- Build a custom view that overlays and filters information from multiple logs, and call on it at any time.
- Spend your time using useful log information, instead of trying to find it.
Creating Custom View of SharePoint in the “Last 30 minutes” or a window of “Time period” -
Filtering IIS Logs -
Adding Columns to SharePoint Logs’ View -
Right click on the name of the log. Select Add/Remove Columns.
Other functionalities include:
- Sorting using the header of a column.
- Reordering using the header of a column.
- Hiding or Showing Preview Pane of a particular event.
This is the initial release. We already have plans for improvements - especially with regards to performance. We would like to hear from you and get your ideas of what other enhancements would make this tool more useful for you.
Posted
Jul 03 2008, 06:53 PM
by
Bamboo PM Girl