5 Ways Log Analysis Augments APM
September 16, 2014

Gal Berg
XpoLog

Share this

While Application Performance Management (APM) is a vital tool to ensure application availability and performance, analysis of log data can augment APM to monitor, manage and optimize application performance.

From infrastructure, OS and web logs to home grown application logs and 3rd party software logs, you can extract valuable insights – using log analysis technology – that will help you better understand, measure and support your APM strategy.

The following are 5 ways log analysis can deliver results beyond APM tools:

1. Outlining the Steps in the Transaction Flow

The transaction flow of an application service is a set of interactions between the many components that enable that service. When a component fails in the transaction flow, it sets off a chain reaction of failures. This chain reaction can involve multiple steps across the environment, and other clouds, data centers and software components. You need to be able to efficiently analyze all of these many steps – and potential failure points – in the transaction flow, to identify the original component failure.

An ideal log analysis tool will enable you to identify – and even automatically collect – all the log events generated by a specific transaction flow. Once you have identified each log event type, it is very easy to collect all the information and investigate what happened. Each log event can provide insight into exactly what happened. You can see the chain of events, in chronological order, empowering you to track back through history to the root cause problem.

2. Determining the Root Cause of the Bottleneck

Bottlenecks are symptoms of an application performance problem, not the root cause. While APM tools can quickly identify a bottleneck, this is merely an indication that something went wrong. To fix the problem, you need to find the underlying cause of the bottleneck.

Bottlenecks in the transaction flow can be caused by a variety of factors. There are many breaking points where something can go wrong – infrastructure, software or within the application itself. In log files, you can find clues to what actually happened to cause the bottleneck.

If a single component within the transaction flow fails, this can start a bottleneck. When this occurs, a log analysis tool will enable you to see log events either from that specific component or from a component that interfaces with the failed component. These log events indicate where the problem lies.

For example, if a database fails, you will see a variety of bottlenecks across multiple transactions. This will trigger many logs with JDBC exceptions or data source exceptions across multiple sources. If you understand the messages within the logs – such as "database connection failed" or "out of memory exception" – you can determine the root cause of the bottleneck.

3. Detecting Configuration Changes

Configuration changes can have a significant negative impact on an application service. For example, configuration changes can introduce damaging infrastructure faults or application bugs. While a change may manifest as an application performance issue that you can identify, you need to discover the change that triggered this problem.

In these cases, it is challenging for APM tools to uncover the root cause of the problem because a configuration change does not directly create the problem. The change introduces a separate factor that causes the problem.

In order to fix the problem, you need to identify what was changed, and the effects of that change. Using log analysis, you can identify the original configuration change. Logs contain diagnostics information regarding failures and changes that happen during events. Leveraging these vital records, log analysis provides you with visibility into changes that happen on the application, infrastructure and configuration level.

4. Gaining Visibility into Stress

Stress on components in the transaction flow can cause application failures, so it is important to understand the impact of stress. With APM tools, you can see certain levels of load, but measuring load is not enough. You need broader visibility.

You need to look at what the application is doing semantically. Understanding stress is not only the number of threads that a server opens, or the number of transactions that the user is calling. Stress is something that eventually puts a tremendous load on the computation level, on the memory, on infrastructure resources.

A near real-time trend analysis dashboard – delivering valuable data gained from logs – will help you quickly identify potential events and growing trends that will become future problems. The dashboard can provide visibility into the stress on the application, not only from number of transactions, load, calls and logins. It also provides information on the number of complex queries the system is running right now; the average cost of each query; if the system is running a difficult cryptographic computation; the number of cryptographic computations, and so on. This provides visibility into which components are experiencing more stress over time, leading to potential performance issues.

5. Identifying Butterfly Events

Log analysis enables you to proactively search for "butterfly events" – mysterious events caused by an unexpected and complex chain reaction. The original cause of a butterfly event can be anything, and it is not clearly identifiable through traditional APM tools. Butterfly events are hard to find because there are millions of events out there and you don't know what to look for.

The right log analysis solution will show if an event occurred in the past; the first time the event happened; if an event disappeared from the system; and ultimately, if an event has meaning for the system, application or infrastructure. By scanning all log data silos, you can catch obscure events that may ultimately have an impact on the transaction flow. You can be proactive, and find and fix the problem before the chaotic nature of the environment translates into business chaos.

Using log analysis, you will be able to identify log patterns that have an impact on application performance, optimize your APM strategy, and drive better and faster APM results.

Share this

The Latest

August 08, 2022

Hybrid and remote work environments have been growing significantly in the past few years. As individuals move away from traditional office settings in today's new remote and hybrid environments, many operational issues such as poor visibility into asset status and refreshes, unaccounted assets, and overspending on software are becoming a bigger challenge for IT departments ...

August 05, 2022

MLOps or Machine Learning Operations are a combination of best processes and practices that businesses use to run AI successfully ... While it is a relatively new field, MLOps is a collective effort that captured the interest of data scientists, DevOps engineers, AI enthusiasts, and IT ...

August 04, 2022

The data is in: enterprises are not happy with their managed service providers (MSPs) and cloud service providers (CSPs). According to the latest CloudBolt Industry Insights report, Filling the Gap: Service Providers' Increasingly Important Role in Multi-Cloud Success, 80% are so unsatisfied with their existing MSP and/or CSP, they are actively looking to replace them within 12 months ...

August 03, 2022

The last two years have accelerated massive changes in how we work, do business, and engage with customers. According to Pega research, nearly three out of four employees (71%) feel their job complexity continues to rise as customer demands increase, and employees at all levels feel overloaded with information, systems, and processes that make it difficult to adapt to these new challenges and meet their customers' growing needs ...

August 02, 2022

Investing in employees will always be smart business. And right now, investing in employees means giving people the resources — and ability — to optimize performance ... For pretty much every company, that means delivering the digital tools necessary to facilitate seamless, secure, user-friendly access and connectivity ...

August 01, 2022

Digital transformation can be the difference between becoming the next Netflix and becoming the next Blockbuster Video. With corporate survival on the line, "digital transformation" is no longer merely an impressive buzzword to throw around in boardrooms. It's the ticket for entry into the digital era, a fundamental business strategy for every modern company ...

July 29, 2022

IT infrastructure has rapidly evolved over the last decade, and as a result important specialized tools have been developed and an entire dedicated industry has grown up to serve the need for monitoring these IT systems and services in order to keep them operational and efficient ...

July 28, 2022

At Cisco AppDynamics, we recently conducted research exploring consumer attitudes and behaviors in relation to wearable technology ... In our study, 87% of global consumers claimed that trust is a critical factor when choosing a wearable medical device or application brand. And, 86% expect companies offering wearable technology and applications to demonstrate a higher standard of protection for their personal data than any other technology they use ...

July 27, 2022

You've been here before: waiting for a web page to load. You keep refreshing it, but still no luck. How many times will you try to reload the page before visiting a different site? Probably not too many. Brands today have just a few moments at most to captivate and delight potential customers ...

July 26, 2022

In the DevOps world, observability is trumpeted and lauded in many corners. However, in reading much of the coverage, there seemed to be some more fundamental issues at play. It's time to demystify the idea of observability, shedding light on what it means in a broader context. And once we break down the concept and its true value to an organization, let's answer a more important question: Are we approaching an observability tipping point? ...