Zen 2.0

Going through one of my sleepless nights again. So I figure I post a question here and see if I get any response. I’ve always wondered what is the best way to incrementally upload logs from files that gets updated all the time. For example, application A writes to a log file. It continues to [...]

A very interesting and useful discussion took place the last week on the LogAnalysis mailing list. Anton Chuvakin started the thread by asking other than parsing the individual messages (that could potentially have thousands of different formats), what other methods can be used in analyzing logs? Some suggestions out of this discussion are listed here. [...]

Our recent trip to China included a press conference with many of the top newspapers and IT magazines in China. Here’s a press piece that appeared on DoSTOR. 在商业竞争异常激烈的今天，日志存储和数据处理方面的需求将不断增长，而且企业常常是将其作为基础设施来规划，日志管理已成为世界上IT管理的新趋势。因此，LogLogic公司率先提出“日志生命周期智能化管理”概念，对日志数据进行采集、汇聚、存储、归档、分析和报警、实时监控，这种有效的管理方法可以优化网络运行效果, 提高网络可用性和安全性；提供可靠的网络信息审计；简化为适应行业法规要求所需的工作，从而大大降低运营成本；还可以协助IT决策和风险管理。

Recently Chris, Andy and I went to visit China. Here are some photos Andy took.

Douglas Schweitzer had this to say regarding my article on Steps for preserving the integrity of log data. He’s absolutely right. He’s also written previously an article on Don’t Ignore Lowly Log Analysis.

Anton Chuvakin has posted some comments regarding my “Searching for Root Cause” article. Anton Chuvakin is a great guy. Very smart and definitely knows a lot about log analysis. I have the highest respect for him. However, I think he misunderstood the article. In his comments, he said that “the article claims that you have [...]

In a previous column, I outlined the five steps in the problem management process: detection, identification, determination, resolution and reflection [article]. I explained how new technologies will be required to help IT administrators determine the root causes of IT problems. But how do IT administrators determine them today? I have written an article on how [...]

To respond to an article I discussed in a previous post, I wrote this article on Steps for preserving the integrity of log data, which is published by Computerworld. This article describes the importance of perserving unaltered log data for court admissibility, enabling trust and accelerating investigation and troubleshooting.

Scott Gordon, VP of Marketing for SenSage (I used to work there), has written an interesting article on how most of the SIM products are not ready for compliance prime time. Most of the points are valid, however, Scott seems to have forgotten to mention that archival of unaltered raw logs is a crucial requirement [...]

My company, LogLogic, has officially launched LogLogic 3. Along with the new product launch, we also luanched a new loglogic.com web site and a new blog, LogBlog. The new web site looks awesome!! Hate to say this but it’s much better than the old one. The blog is also a great resource for information on [...]