May 11

Oracle Management Cloud – Log Analytics

In this last overview post I will give you a first glance of the Oracle Management Cloud offering called “Log Analytics“ as I experienced it in an Oracle demo environment.

So regarding this post, be aware (again)

My company eProseed is an Oracle Platinum partner, therefore I had the opportunity to ask for a trial on a demonstration environment, but as is, therefore this is a demo overview and not (yet) of a trial account / own test environment (but hopefully near to the real thing).

Also be aware that I had only 4 hours to play with this demo environment and although I tried to find every inch of info that was hidden under buttons, links, etc., it might be that I missed some pieces.

This demo environment is prepped by Oracle regarding, among others, an issue with a demo application called “Rideshare” (a “Uber” look-a-like kind of possible application).

This post has a lot of pictures. So note that:

> all images are clickable, so you can zoom in to have a better look at all the details in the pictures.

🙂

As mentioned before in the general overview post about Oracle Management Cloud and here as a reference:

Oracle Log Analytics Cloud Service stores and correlates machine data from many different applications and devices, from smart phones to mainframes.

Log Analytics

As mentioned in The Log Analytics documentation:

Using Log Analytics, you can:

  • Explore logs specific to the application experiencing a problem
  • Analyze and explore log data efficiently
  • Gain business and IT operational insight from log data
  • Rapidly derive value from logs
  • Troubleshoot problems from end user performance issues down to logs

Getting the data in…

After the latter short reminder/intro, you might start to wonder after reading the “Oracle Management Cloud” posts on this site: “Okay, fun, but where does the data come from…?”.

Especially while using, “Log Analytics”, that is, doing most of the data digging yourself, its important to do one step back and try to see the whole picture.

The Oracle Management Cloud gets its data via different “agents”. In the manual, they are described as follows:

Agent Description
Gateway A gateway acts as a proxy between Oracle Management Cloud and all other cloud agents.
Note: Deploy the gateway on one or more hosts with Internet access to Oracle Management Cloud.
Data collector A data collector reads data from your Oracle Management Repository and uploads it to Oracle Management Cloud using a gateway. A data collector also collects log information from targets.
Note: Deploy the data collector on a host with SSH and SQL access to your Oracle Management Repository.
Cloud agent IT Analytics: A cloud agent collects Automatic Workload Repository (AWR) data from your database hosts.
Note: Deploy the cloud agent on your database hosts.Log Analytics: A cloud agent collects logs from your target hosts.
Note: Deploy the cloud agent on your target hosts for which want to analyze logs.
APM Java agent The APM Java Agent collects and shares data about the performance of the application to the Application Performance Monitoring web user interface, from where you can closely monitor your application’s performance.
Note: An APM Java Agent is deployed on the WebLogic Managed Server where the application to be monitored is installed.

The APM Java agent (Application Performance Monitoring) is installed, started, under the wings of the WebLogic software and sends its data directly to the Oracle Management Cloud. The manual has an overview picture:

The other two, Log Analytics and IT Analytics make use of a gateway, data collector and cloud agents (databases, hosts, AWR data and OEM Oracle Management repository data). The manual has an overview picture:

The counterpart page in the Oracle Management Cloud section looks like:

As you can see, in this page, via the menu on the left, registered gateway agents, data collectors, cloud agents and APM agents can be shown and managed via these pages. The section for “Registration Keys” gives you the ability to download, create or revoke used keys and via the “Download” menu page the initial needed “AgentInstall” software can be downloaded.

Parsing the data…

Although via IT Analytics and Application Performance Monitoring services a lot of the following is automatically done, you can do more and or create your own data parsing methods. When you have setup the “pipelines” and the data comes in via the agents in the Oracle Management Cloud environment, you can use default data parsing and masking solutions and / or create your own.

The entry pages for altering, viewing, “Sources” and “Parsers” is not that intuitive. They are linked via using the headers / titles (see circle). If you click on those headers you get an idea of what is currently possible, that is, default sources and parsers and making your own functionality…

Have a look at the following pictures.

An overview of log sources. The ones with an “unlocked” lock are hand crafted, the ones which are locked are default by Oracle provided sources and parsers.

An overview of some of the available parsers

Creating your own source

Functionality under menu “Data Masking”

Parsing options and use of regular expressions

Associating and republishing altered source

There is more, but I leave that for now and focus on Log Analytics…

Log Analytics

Log Analytics is far more data focused than the other two (IT Analytics / APM). By that I mean that you will have to do more thinking yourself, correlate content/data/facts, etc.  You have to know your environment/data and its meaning. What Log Analytics you will provide with is indeed more “analyze and explore log data efficiently”. You are still able to create dashboards, widgets etc. and although Oracle still provides some defaults (/examples), Log Analytics has less “smart stuff” build-in than IT Analytics or APM.

You are able, via Log Analytics, to dive in your data, sort it, group it, filter it, visualize it in multiple formats, etc, etc, etc, via drag and dropping target, source, fields rows from the “Data” into the “Visualize” column and immediately afterward “run” it to see the results.

If you like your result, like for example the above one which shows an abnormality regarding a lot of generated audit files and enables you to zoom-in further into the problem via links or clicking on the bars, then you are able to save this log search as a widget. A lot of these are already available by default, besides the ones you create for personal use.

Database info

Web server info

Operation system info

Log info overall and trend information…

The “log analyzer” pages comes with its own drag and drop search facility to search etc data or you can do use an extensive search “language”.

Using the search language option

Search language

Common Search Commands

Search examples

Screen Shot 2016-03-23 at 12.24.31

Have a look at the documentation regarding “basic search commands” to see whats possible.

As said, if in the end, you like your log search, then you are able to save it and reuse it when you need it and/or reuse it as a widget in your dashboard.

Creating the dashboard

The following shows a simple attempt of mine to create a dashboard of a log search I reused in a imaginary “company dashboard”. Have a look at the pictures to get a feel of how or what you can do with the saved log searches.

Creating a search

Screen Shot 2016-05-11 at 16.46.26

Saving the search

Screen Shot 2016-05-11 at 16.46.35

Stored search can now be found via “open”

Screen Shot 2016-05-11 at 16.46.43

Saved search can have a description

Screen Shot 2016-05-11 at 16.46.51

Creating a new dashboard

Screen Shot 2016-05-11 at 16.46.08

Label the new dashboard

Screen Shot 2016-05-11 at 16.47.00

Fresh dashboard overview

Screen Shot 2016-05-11 at 16.47.08

Adding the save search to the dashboard

Screen Shot 2016-05-11 at 16.47.20

Formatting the display of the search to your liking

Screen Shot 2016-05-11 at 16.47.27

Widening the saved search widget

Screen Shot 2016-05-11 at 16.47.52

Setting, for example, default refresh options

Screen Shot 2016-05-11 at 16.48.00

Setting, for example, default date range

Screen Shot 2016-05-11 at 16.48.07

Re-arranging and adding additional “Database Log Trends” log search info

Screen Shot 2016-05-11 at 16.48.16

Finalized simple “MyCompany Dashboard” can now be saved so it can be found directly under the “Dashboard” menu

Screen Shot 2016-05-11 at 16.48.25

Finally…

As mentioned before, its only an overview of some time I had with the software. There is way more than I have described here (and probably new stuff coming as well) but I hope you enjoyed it and have a better idea what Oracle Management Cloud brings additionally to the Oracle Cloud offerings table…

Probably also good to mention that there are “hook-ins” from, for example, Application Performance Monitoring in Log Analytics. By that I mean, that its possible to click on details in APM that end up on info of Log Analytic pages. In all its not yet clear to me what this, for example, has an result regarding licenses, therefore in these posts I focused on the technology first and tried to explain my current understanding of what it is and/or what you could do with it.

I hoped you liked this small series of Oracle Management Cloud service offerings, aka “Application Performance Monitoring”, ‘IT Analytics” and last “Log Analytics”.

HTH/M

 

CategoriesCloud Oracle Cloud Performance

TagsDashboards Log Analytics Log Explorer OMC Agents Oracle Management Cloud

Marco Gralike Written by: