« Steps for preserving the integrity of log data
Chinese translation for “What to do before an IOS disaster strikes” »

Searching for Root Cause

In a previous column, I outlined the five steps in the problem management process: detection, identification, determination, resolution and reflection [article]. I explained how new technologies will be required to help IT administrators determine the root causes of IT problems.

But how do IT administrators determine them today?

I have written an article on how search technology can help in finding root cause.

Last Modified: Monday, November 7th, 2005 @ 09:21

This entry was posted on Monday, November 7th, 2005 at 9:21 am and is filed under Articles. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.

One Response to “Searching for Root Cause”

  1. Dermot McMullen Said on November 7th, 2005 at 7:00 pm quote

    Hi, I thought your article in computerworld was very well written and addresses the problems that we sysadmins are faced with today.
    There is however a really good software solution on the market right now !! I’m not sure if you’ve heard of splunk (splunk.com) before ?
    They create a full text index of your log data and allow you to do boolean searches.
    I’m running the beta version here at work and I must say that it has made things much easier for me and my team.
    The splunk engine ties related events together nicely and has a really neat web interface.
    The only thing it doesn’t do is regular expression filter of the results which means that sometimes we have to fall back to grep and the like.
    You should take a look at the live demo they have on their site it’s really awesome !!!