Q&A: Nastel Talks About Smart Logging

Pete Goldin
Editor and Publisher
APMdigest
Learn more about Nastel

In APMdigest's exclusive interview, Charley Rich, VP Marketing and Product Management at Nastel, talks about logging and application performance.

APM: How can logging be used for troubleshooting application misbehavior?

CR: Application developers can write log events about their attempted acquisition of system resources, shortage of resources, current state or errors to a log file. By reading and analyzing the log, one can determine to some extent the problems the application is experiencing.

In addition there are additional logs, including those for: the physical server, the application server and the database. Manually, an expert can examine each of these logs and string together a picture of what is happening when a problem has been reported. But, this is not for the faint of heart and often adds considerable trouble to the troubleshooting process.

APM: Are standard logging facilities such as log4j and syslog insufficient for problem determination?

CR: Yes. Manually correlating the information an application logs along with system and other logs can be quite laborious. In addition, many of these logs have multiple unrelated writers posting entries to these logs. Tracing the information pertaining to specific applications is not easy. It is sort of a signal-to-noise problem with the extraneous information in the log acting as noise. All the sources write log events as they happen and thus, each entry may have no relation at all to the prior entry. Deciphering what is relevant to your task is hard.

Standard logging facilities such as Log4j and syslog do not help resolve this issue. They are not sufficiently structured to perform effective problem determination. The burden is on the developer to include enough detail in the log message for effective root cause analysis. They also do not help with the problem of relating application activity messages spread across multiple applications in multiples tiers and multiple logs.

As a result, standard logging can be a burden on development due to the long time it takes to correlate activities manually. Thus, standard logging facilities are somewhat unhelpful in reproducing production problems.

APM: What are “Smart Events”?

CR: Standard logging can be augmented to become “Smart Events”. Smart events are members of a flow of events and can have location, timing, source, correlation information embedded in them (such as IP, server, GPS, geo, etc.). Such augmentation is a combination of an enhanced logging methodology, combined with a simple programming model that allows recording of relevant information that can aid in fast root cause analysis and inter and intra log correlation.

APM: What happens when a Smart Event is created?

CR: Once a Smart Event has been created, the necessary context is provided for an analytics process to correlate these events into a more meaningful format that will make troubleshooting considerably easier.

APM: When are Smart Events most useful?

CR: Smart Events are most useful for applications that require fast root cause diagnostics for performance problems and application misbehavior using logging facilities.

They are also very useful for applications running in cloud or mobile where very little control exists over application behavior.

APM: How much effort is required to change an application to create Smart Events?

CR: Not a lot is required. The developer must use an enhanced programing model that allows for generation of Smart Events where context, time and location are combined into a single concept. Instead of using logging frameworks directly and write to an event log, the developer uses a simplified interface that supports Smart Event methodology. It is important to note that correlation comes from the application's standpoint and not from the technology point of view

APM: What happens when a developer is unable or not permitted to change existing applications?

CR: Smart Events can be used for existing applications that make use of log4j or other logging frameworks. A post processor could be applied to their current logs where data is mined from the existing set of logs and transformed into smart events. Of course, the value of such transformation will largely depend on the level of detail available in the log entries themselves.

APM: Are Smart Events still helpful if a developer is already using Log4j or one of the log file management tools such as Splunk or Loggly?

CR: Yes. If a user has these installed, the processed or consolidated log files can be used as the source without a need to add API calls to the applications.

APM: Does the smart logging approach track thread interdependencies?

CR: As activities are traced down to the thread level, it becomes even more important to know where that thread is executing and how that relates to the activity produced by other threads. As these multi-threaded applications execute in multiple locations, the complexity in using log files for debugging becomes far greater. Awareness of location, context and behavior would be very helpful.

APM: Can smart logging capture elapsed time for activities?

CR: An auto-processing logging framework would imitate the way the application works and automatically time how long it takes from start to completion. It can also measure the timing in detail between, for example event 1, event 2 and event 3. There are a lot of implicit values in a timing perspective and using this model, as well capturing exceptions and errors associated with application activities.

APM: How does someone know if smart logging is right for their organization?

CR: They should evaluate their current logging process and framework and determine the delta between what they are doing and what has been described here. They should consider how the value described can be garnered across all their applications by evolving their logging.

ABOUT Charley Rich

Charley Rich, Vice President of Product Management and Marketing at Nastel, is a software product management professional who brings over 20 years of experience working with large-scale customers to meet their application and systems management requirements. Earlier in his career, he held positions in Worldwide Product Management at IBM, as Director of Product Management at EMC/SMARTS, and Vice President of Field Marketing for eCommerce firm InterWorld. Rich is a sought after speaker and a published author with a patent in the application management field.

Hot Topic
The Latest
The Latest 10

The Latest

Redis Monitoring 101: Key Metrics You Need to Watch

As businesses increasingly rely on high-performance applications to deliver seamless user experiences, the demand for fast, reliable, and scalable data storage systems has never been greater. Redis — an open-source, in-memory data structure store — has emerged as a popular choice for use cases ranging from caching to real-time analytics. But with great performance comes the need for vigilant monitoring ...

Beyond Traditional Autoscaling: The Future of Kubernetes in AI Infrastructure

Kubernetes was not initially designed with AI's vast resource variability in mind, and the rapid rise of AI has exposed Kubernetes limitations, particularly when it comes to cost and resource efficiency. Indeed, AI workloads differ from traditional applications in that they require a staggering amount and variety of compute resources, and their consumption is far less consistent than traditional workloads ... Considering the speed of AI innovation, teams cannot afford to be bogged down by these constant infrastructure concerns. A solution is needed ...

AI Drives Surge in Data Budgets

AI is the catalyst for significant investment in data teams as enterprises require higher-quality data to power their AI applications, according to the State of Analytics Engineering Report from dbt Labs ...

Misaligned Architecture Causes Service Disruptions, High Operational Costs and Security Challenges

Misaligned architecture can lead to business consequences, with 93% of respondents reporting negative outcomes such as service disruptions, high operational costs and security challenges ...

How GenAI Can Save Time for the NetOps Team

A Gartner analyst recently suggested that GenAI tools could create 25% time savings for network operational teams. Where might these time savings come from? How are GenAI tools helping NetOps teams today, and what other tasks might they take on in the future as models continue improving? In general, these savings come from automating or streamlining manual NetOps tasks ...

Will AI Solve the Growing Data Divide?

IT and line-of-business teams are increasingly aligned in their efforts to close the data gap and drive greater collaboration to alleviate IT bottlenecks and offload growing demands on IT teams, according to The 2025 Automation Benchmark Report: Insights from IT Leaders on Enterprise Automation & the Future of AI-Driven Businesses from Jitterbit ...

Top Concerns for Tech Decision Makers

A large majority (86%) of data management and AI decision makers cite protecting data privacy as a top concern, with 76% of respondents citing ROI on data privacy and AI initiatives across their organization, according to a new Harris Poll from Collibra ...

Gartner: Top Trends Shaping the Future of Cloud

According to Gartner, Inc. the following six trends will shape the future of cloud over the next four years, ultimately resulting in new ways of working that are digital in nature and transformative in impact ...

The Great SaaS Hangover (and the Cure Nobody Is Talking About)

2020 was the equivalent of a wedding with a top-shelf open bar. As businesses scrambled to adjust to remote work, digital transformation accelerated at breakneck speed. New software categories emerged overnight. Tech stacks ballooned with all sorts of SaaS apps solving ALL the problems — often with little oversight or long-term integration planning, and yes frequently a lot of duplicated functionality ... But now the music's faded. The lights are on. Everyone from the CIO to the CFO is checking the bill. Welcome to the Great SaaS Hangover ...

OpenShift Monitoring: 5 Things You Need to Keep an Eye on

Regardless of OpenShift being a scalable and flexible software, it can be a pain to monitor since complete visibility into the underlying operations is not guaranteed ... To effectively monitor an OpenShift environment, IT administrators should focus on these five key elements and their associated metrics ...

Q&A: Nastel Talks About Smart Logging

Pete Goldin
Editor and Publisher
APMdigest
Learn more about Nastel

In APMdigest's exclusive interview, Charley Rich, VP Marketing and Product Management at Nastel, talks about logging and application performance.

APM: How can logging be used for troubleshooting application misbehavior?

CR: Application developers can write log events about their attempted acquisition of system resources, shortage of resources, current state or errors to a log file. By reading and analyzing the log, one can determine to some extent the problems the application is experiencing.

In addition there are additional logs, including those for: the physical server, the application server and the database. Manually, an expert can examine each of these logs and string together a picture of what is happening when a problem has been reported. But, this is not for the faint of heart and often adds considerable trouble to the troubleshooting process.

APM: Are standard logging facilities such as log4j and syslog insufficient for problem determination?

CR: Yes. Manually correlating the information an application logs along with system and other logs can be quite laborious. In addition, many of these logs have multiple unrelated writers posting entries to these logs. Tracing the information pertaining to specific applications is not easy. It is sort of a signal-to-noise problem with the extraneous information in the log acting as noise. All the sources write log events as they happen and thus, each entry may have no relation at all to the prior entry. Deciphering what is relevant to your task is hard.

Standard logging facilities such as Log4j and syslog do not help resolve this issue. They are not sufficiently structured to perform effective problem determination. The burden is on the developer to include enough detail in the log message for effective root cause analysis. They also do not help with the problem of relating application activity messages spread across multiple applications in multiples tiers and multiple logs.

As a result, standard logging can be a burden on development due to the long time it takes to correlate activities manually. Thus, standard logging facilities are somewhat unhelpful in reproducing production problems.

APM: What are “Smart Events”?

CR: Standard logging can be augmented to become “Smart Events”. Smart events are members of a flow of events and can have location, timing, source, correlation information embedded in them (such as IP, server, GPS, geo, etc.). Such augmentation is a combination of an enhanced logging methodology, combined with a simple programming model that allows recording of relevant information that can aid in fast root cause analysis and inter and intra log correlation.

APM: What happens when a Smart Event is created?

CR: Once a Smart Event has been created, the necessary context is provided for an analytics process to correlate these events into a more meaningful format that will make troubleshooting considerably easier.

APM: When are Smart Events most useful?

CR: Smart Events are most useful for applications that require fast root cause diagnostics for performance problems and application misbehavior using logging facilities.

They are also very useful for applications running in cloud or mobile where very little control exists over application behavior.

APM: How much effort is required to change an application to create Smart Events?

CR: Not a lot is required. The developer must use an enhanced programing model that allows for generation of Smart Events where context, time and location are combined into a single concept. Instead of using logging frameworks directly and write to an event log, the developer uses a simplified interface that supports Smart Event methodology. It is important to note that correlation comes from the application's standpoint and not from the technology point of view

APM: What happens when a developer is unable or not permitted to change existing applications?

CR: Smart Events can be used for existing applications that make use of log4j or other logging frameworks. A post processor could be applied to their current logs where data is mined from the existing set of logs and transformed into smart events. Of course, the value of such transformation will largely depend on the level of detail available in the log entries themselves.

APM: Are Smart Events still helpful if a developer is already using Log4j or one of the log file management tools such as Splunk or Loggly?

CR: Yes. If a user has these installed, the processed or consolidated log files can be used as the source without a need to add API calls to the applications.

APM: Does the smart logging approach track thread interdependencies?

CR: As activities are traced down to the thread level, it becomes even more important to know where that thread is executing and how that relates to the activity produced by other threads. As these multi-threaded applications execute in multiple locations, the complexity in using log files for debugging becomes far greater. Awareness of location, context and behavior would be very helpful.

APM: Can smart logging capture elapsed time for activities?

CR: An auto-processing logging framework would imitate the way the application works and automatically time how long it takes from start to completion. It can also measure the timing in detail between, for example event 1, event 2 and event 3. There are a lot of implicit values in a timing perspective and using this model, as well capturing exceptions and errors associated with application activities.

APM: How does someone know if smart logging is right for their organization?

CR: They should evaluate their current logging process and framework and determine the delta between what they are doing and what has been described here. They should consider how the value described can be garnered across all their applications by evolving their logging.

ABOUT Charley Rich

Charley Rich, Vice President of Product Management and Marketing at Nastel, is a software product management professional who brings over 20 years of experience working with large-scale customers to meet their application and systems management requirements. Earlier in his career, he held positions in Worldwide Product Management at IBM, as Director of Product Management at EMC/SMARTS, and Vice President of Field Marketing for eCommerce firm InterWorld. Rich is a sought after speaker and a published author with a patent in the application management field.

Hot Topic
The Latest
The Latest 10

The Latest

Redis Monitoring 101: Key Metrics You Need to Watch

As businesses increasingly rely on high-performance applications to deliver seamless user experiences, the demand for fast, reliable, and scalable data storage systems has never been greater. Redis — an open-source, in-memory data structure store — has emerged as a popular choice for use cases ranging from caching to real-time analytics. But with great performance comes the need for vigilant monitoring ...

Beyond Traditional Autoscaling: The Future of Kubernetes in AI Infrastructure

Kubernetes was not initially designed with AI's vast resource variability in mind, and the rapid rise of AI has exposed Kubernetes limitations, particularly when it comes to cost and resource efficiency. Indeed, AI workloads differ from traditional applications in that they require a staggering amount and variety of compute resources, and their consumption is far less consistent than traditional workloads ... Considering the speed of AI innovation, teams cannot afford to be bogged down by these constant infrastructure concerns. A solution is needed ...

AI Drives Surge in Data Budgets

AI is the catalyst for significant investment in data teams as enterprises require higher-quality data to power their AI applications, according to the State of Analytics Engineering Report from dbt Labs ...

Misaligned Architecture Causes Service Disruptions, High Operational Costs and Security Challenges

Misaligned architecture can lead to business consequences, with 93% of respondents reporting negative outcomes such as service disruptions, high operational costs and security challenges ...

How GenAI Can Save Time for the NetOps Team

A Gartner analyst recently suggested that GenAI tools could create 25% time savings for network operational teams. Where might these time savings come from? How are GenAI tools helping NetOps teams today, and what other tasks might they take on in the future as models continue improving? In general, these savings come from automating or streamlining manual NetOps tasks ...

Will AI Solve the Growing Data Divide?

IT and line-of-business teams are increasingly aligned in their efforts to close the data gap and drive greater collaboration to alleviate IT bottlenecks and offload growing demands on IT teams, according to The 2025 Automation Benchmark Report: Insights from IT Leaders on Enterprise Automation & the Future of AI-Driven Businesses from Jitterbit ...

Top Concerns for Tech Decision Makers

A large majority (86%) of data management and AI decision makers cite protecting data privacy as a top concern, with 76% of respondents citing ROI on data privacy and AI initiatives across their organization, according to a new Harris Poll from Collibra ...

Gartner: Top Trends Shaping the Future of Cloud

According to Gartner, Inc. the following six trends will shape the future of cloud over the next four years, ultimately resulting in new ways of working that are digital in nature and transformative in impact ...

The Great SaaS Hangover (and the Cure Nobody Is Talking About)

2020 was the equivalent of a wedding with a top-shelf open bar. As businesses scrambled to adjust to remote work, digital transformation accelerated at breakneck speed. New software categories emerged overnight. Tech stacks ballooned with all sorts of SaaS apps solving ALL the problems — often with little oversight or long-term integration planning, and yes frequently a lot of duplicated functionality ... But now the music's faded. The lights are on. Everyone from the CIO to the CFO is checking the bill. Welcome to the Great SaaS Hangover ...

OpenShift Monitoring: 5 Things You Need to Keep an Eye on

Regardless of OpenShift being a scalable and flexible software, it can be a pain to monitor since complete visibility into the underlying operations is not guaranteed ... To effectively monitor an OpenShift environment, IT administrators should focus on these five key elements and their associated metrics ...