METHOD AND SYSTEM FOR IMPLEMENTING TARGET MODEL CONFIGURATION METADATA FOR A LOG ANALYTICS SYSTEM
First Claim
1. A method, for configuring log monitoring to be performed in a system that implements a log analytics system, wherein the log monitoring comprises storing log data according to an association between log monitoring configuration metadata and a target, the target representing a component in a computing environment for which log data is generated, the method comprising:
- generating the log monitoring configuration metadata by;
identifying a log source corresponding to a target, the log source identifying a location to monitor for the log data generated for the target;
identifying a parser for the log source;
configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source;
distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata;
configuring a log analytics server according to the server-side log monitoring configuration metadata;
gathering log data for the target from the host according to the target-side log monitoring configuration metadata; and
performing log processing on the log data at the log analytics server according to the server-side log monitoring configuration metadata.
1 Assignment
0 Petitions
Accused Products
Abstract
Disclosed is a system, method, and computer program product for implementing a log analytics method and system that can configure, collect, and analyze log records in an efficient manner. The log analytics system, method, and computer program product provide target-based configuration of log monitoring metadata. The log analytics system, method, and computer program product can be implemented in a cloud-based/SaaS-based architecture.
10 Citations
20 Claims
-
1. A method, for configuring log monitoring to be performed in a system that implements a log analytics system, wherein the log monitoring comprises storing log data according to an association between log monitoring configuration metadata and a target, the target representing a component in a computing environment for which log data is generated, the method comprising:
-
generating the log monitoring configuration metadata by; identifying a log source corresponding to a target, the log source identifying a location to monitor for the log data generated for the target; identifying a parser for the log source; configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source; distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata; configuring a log analytics server according to the server-side log monitoring configuration metadata; gathering log data for the target from the host according to the target-side log monitoring configuration metadata; and performing log processing on the log data at the log analytics server according to the server-side log monitoring configuration metadata. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer readable medium having stored thereon a sequence of instructions which, when executed by a processor causes the processor to execute a method for configuring log monitoring to be performed in a system that implements a log analytics system, wherein the log monitoring comprises storing log data according to an association between log monitoring configuration metadata and a target, the target representing a component in a computing environment for which log data is generated, the method comprising:
-
generating the log monitoring configuration metadata by; identifying a log source corresponding to a target, the log source identifying a location to monitor for the log data generated for the target; identifying a parser for the log source; configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source; distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata; configuring a log analytics server according to the server-side log monitoring configuration metadata; gathering log data for the target from the host according to the target-side log monitoring configuration metadata; and performing log processing on the log data at the log analytics server according to the server-side log monitoring configuration metadata. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A log analytics system implemented in a cloud or software-as-a-service architecture, the log analytics system comprising:
-
a configuration mechanism to configure log monitoring comprising a memory having stored thereon a sequence of instructions which, when executed by a processor, causes the processor to execute operations comprising by;
identifying a log source corresponding to a target, the log source identifying a location to monitor for log data generated for the target;
identifying a parser for the log source;
configuring log monitoring configuration metadata comprising target-side log monitoring configuration metadata and server-side log monitoring configuration metadata, the target-side log monitoring configuration metadata including information regarding the log source and the server-side log monitoring configuration metadata including information regarding the parser for the log source;
distributing the target-side log monitoring configuration metadata to a host for the target, wherein the target is configured according to the target-side log monitoring configuration metadata;
configuring a log analytics pipeline at a log analytics server according to the server-side log monitoring configuration metadata;the log analytics pipeline receiving log data gathered from the host for the target according to the target-side log monitoring configuration metadata, wherein the log analytics pipeline performs log processing at the log analytics server according to the server-side log monitoring configuration metadata. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification