You can create custom scanners for log
analysis. After you configure the scanner, the results are generated
in the reports when you run the xsLogAnalyzer tool.
The custom scanner scans the logs for event records based on the regular
expressions that you specified.
Procedure
- Create a scanner specifications
properties file that specifies
the general expression to run for the custom scanner.
- Create and save a properties file.
The file
must be in the loganalyzer_root/config/custom directory.
You can name the file as: you like. The file is used by the new scanner,
so naming the scanner in the properties file is useful, for example: my_new_server_scanner_spec.properties.
- Include the following properties in the my_new_server_scanner_spec.properties file:
include.regular_expression = REGULAR_EXPRESSION_TO_SCAN
The
REGULAR_EXPRESSION_TO_SCAN variable
is a regular expression on which to filter the log files.
Example: To scan for instances of lines that contain both
the
"xception" and
"rror" strings
regardless of the order, set the
include.regular_expression property
to the following value:
include.regular_expression = (xception.+rror)|(rror.+xception)
This
regular expression causes events to be recorded if the string
"rror" comes
before or after the
"xception" string.
Example:
To scan through each line in the logs for
instances of lines that contain either the phrase
"xception" or
the phrase
"rror" strings regardless of the
order, set the
include.regular_expression property
to the following value:
include.regular_expression = (xception)|(rror)
This
regular expression causes events to be recorded if the either the
"rror" string
or the
"xception" string exist.
- Create a configuration file
that the xsLogAnalyer tool
uses to create the scanner.
- Create and
save a configuration file.
The
file must be in the loganalyzer_root/config/custom directory.
You can name the file as scanner_nameScanner.config,
where scanner_name is a unique name for the new
scanner.
For example, you might name the file serverScanner.config
- Include the following properties in the scanner_nameScanner.config file:
scannerSpecificationFiles = LOCATION_OF_SCANNER_SPECIFICATION_FILE
The
LOCATION_OF_SCANNER_SPECIFICATION_FILE variable
is the path and location of the specification file that you created
in the previous step. For example:
loganalyzer_root/config/custom/my_new_scanner_spec.properties.
You can also specify multiple scanner specification files by using
a semi-colon separated list:
scannerSpecificationFiles = LOCATION_OF_SCANNER_SPECIFICATION_FILE1;LOCATION_OF_SCANNER_SPECIFICATION_FILE2
- Run the xsLogAnalyzer tool.
Results
After you run the xsLogAnalyzer tool,
the report contains new tabs in the report for the custom scanners
that you configured. Each tab contains the following views:
- Charts
- A plotted graph that illustrates recorded events.
The events are
displayed in the order in which the events were found.
- Tables
- A tabular representation of the recorded
events.
- Summary reports