Path: csiph.com!x330-a1.tempe.blueboxinc.net!usenet.pasdenom.info!gegeweb.org!de-l.enfer-du-nord.net!feeder2.enfer-du-nord.net!feeds.phibee-telecom.net!usenet.ukfsn.org!not-for-mail From: Martin Gregorie Newsgroups: comp.lang.java.programmer Subject: Re: analysis of java application logs Date: Mon, 23 May 2011 19:07:44 +0000 (UTC) Organization: UK Free Software Network Lines: 47 Message-ID: References: <4t6dnUyMGer0w0fQnZ2dnUVZ_j2dnZ2d@earthlink.com> <93vnjeFovuU1@mid.individual.net> NNTP-Posting-Host: 84.45.235.129 Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Trace: localhost.localdomain 1306177664 25094 84.45.235.129 (23 May 2011 19:07:44 GMT) X-Complaints-To: usenet@localhost.localdomain NNTP-Posting-Date: Mon, 23 May 2011 19:07:44 +0000 (UTC) User-Agent: Pan/0.133 (House of Butterflies) Xref: x330-a1.tempe.blueboxinc.net comp.lang.java.programmer:4485 On Mon, 23 May 2011 20:33:07 +0200, Robert Klemme wrote: > On 23.05.2011 15:17, Patricia Shanahan wrote: >> On 5/23/2011 12:50 AM, Ulrich Scholz wrote: >>> I'm looking for an approach to the problem of analyzing application >>> log files. >>> >>> I need to analyse Java log files from applications (i.e., not logs of >>> web servers). These logs contain Java exceptions, thread dumps, and >>> free-form log4j messages issued by log statements inserted by >>> programmers during development. Right now, these man-made log entries >>> do not have any specific format. >>> >>> What I'm looking for is a tool and/or strategy that supports in >>> lexing/ parsing, tagging, and analysing the log entries. Because there >>> is only little defined syntax and grammar - and because you might not >>> know what you are looking for - the task requires the quick issuing of >>> queries against the log data base. Some sort of visualization would be >>> nice, too. >>> >>> Pointers to existing tools and approaches as well as appropriate >>> tools/ algorithms to develop the required system would be welcome. >> >> I would use Perl, and begin by recognizing some of the more important >> formats, such as thread dumps. I agree with the desirability of >> introducing some organized formatting into the log messages, but an >> ad-hoc Perl program can often get useful data out of a disorganized >> log. > > Only that Perl is so awful - YMMV of course. But for these kinds of > tasks (more correctly: for *any* task) I very much prefer to use Ruby > because of its cleaner OO and cleaner syntax. > I do the same, but use gawk rather than Perl: I have the same objections to Perl as you, while gawk is pretty straight forward if you understand regexes and can write C. So far, using gawk to extract the information I've needed from Linux system logs has been rather straight forward. Besides, I generally find gawk to be more concise and readable than Perl, for this type of job, anyway. -- martin@ | Martin Gregorie gregorie. | Essex, UK org |