Logs¶
In modern infrastructure, thousands of log events can be generated every minute. These logs follow specific formats, usually containing timestamps and are generated by servers. They are output to different files such as system logs, application logs, and security logs. However, these logs are currently stored in a distributed manner across various servers, leading to the need to log into each server separately to review logs when a system failure occurs, in order to determine the cause of the failure. This process increases the complexity of troubleshooting.
Facing such a large volume of data, you need to decide which logs should be sent to a log management solution and which should be archived. Filtering logs before sending them might result in missing critical information or inadvertently deleting valuable data.
To improve the efficiency of fault diagnosis and gain a comprehensive understanding of the system's status, avoiding passive responses during emergencies, centralized management of logs along with centralized search and correlation analysis capabilities becomes crucial.
Guance, through its powerful log collection feature, allows you to unify log data reporting to Guance workspaces. This way, you can centrally store, audit, monitor, alert, analyze, and export collected log data, thereby simplifying the log management process.
By doing this, Guance helps you avoid potential issues caused by filtering logs before sending them, ensuring all critical information is properly handled and analyzed.
Features¶
-
Automatically identifies log status, quickly filters and correlates logs, aggregates similar text, helping to rapidly discover and analyze anomalies, accelerating troubleshooting
-
Parses the textual content of logs, converting it into structured data, including extracting timestamps, status, and specific fields as labels
-
Generates new metric data based on existing data within the current workspace, facilitating the design and implementation of new technical metrics according to needs
-
Archives log data that meets certain criteria in different indexes and selects data storage policies for log indexes
-
Customizes filtering rules for log collection; log data that meets the criteria will not be reported to Guance, helping to save on log data storage costs
-
Saves log, trace, and user access data to Guance object storage or forwards it to external storage, managing forwarded data flexibly
-
By setting role access permissions and data masking rules, you can more finely control access to log data while properly handling sensitive information