Access Logs Analytics is the analysis of anomalies in a web server's event logs: the HTTP status codes and other records generated by users' requests to a website.
Access logs show a website's HTTP status codes, top URLs, hits over time, top hits per user, top hits per client IP, number of users over time, top countries, users' GeoIP, average bandwidth (MB) over time, and the website's performance. An Access Logs Analytics tool provides visualizations that shorten the time needed to diagnose and fix access log anomalies, as in the new and upgraded XpoLog Access Logs Analytics. Read more about What is an Access Log here.
Access Logs Analytics on HTTP Codes
The first step in analyzing your access logs is to query the recorded visits. To do that, open the XpoLog Access Log Viewer and type (or copy and paste) the following query:
* in log.access* | count | group by url | order by count desc
Please note –
- If you want to Analyze Access Logs Anomalies straight away, you may skip this step and go directly to the next section (Access Logs Anomalies Analytics) and type the second query.
- The colors in the search query are changed as you type to assist DevOps and IT admins in easily writing search queries.
That query will present a website’s most visited URLs (result as shown below):
Explanation – the above result screen presents –
- Access Log Analytics tree on the left (see next)
- Access Log Analytics graph with the most visited web pages – in the above screenshot see the top 3 pages: root (home page), Download page, the XpoLog /logeye/ Log Analyzer page. Additional web pages are presented along the X axis.
- Access Log Analytics insights section at the bottom of the screen presents an aggregated list of HTTP status codes – errors found all over the access logs that XpoLog searched through to find the most visited URLs.
Access Logs Anomalies Analytics
Next, using the XpoLog Search Interface we will Search & Drill-down on records and look for anomalies in the /logeye/ page.
XpoLog Access Logs Viewer features a Google-like interface for searching for anomalies intuitively and understanding how to analyze and fix them quickly. Type your search query in the search field above and instantly view all anomalies and errors in a set of graphs and lists that are generated dynamically in real time (see below).
Write down or Copy & Paste the following query to XpoLog Search Interface:
url = "/logeye/" IN log.access*
A screen similar to the following will be presented:
Notice the Analytics Insight section at the left side bar of the XpoLog Search Interface page.
Analysis – we see a few access log anomalies in June by looking at the 3 HTTP status code errors: 500, 501, and 404 for the /logeye/ page (an internal server error and page not found). Critical errors and anomalies like these on a main business process page are a deal-breaker for website owners, IT admins and DevOps personnel. We can now zero in on the Root Cause Analysis (RCA) of these anomalies with the information in the table below and fix them before new users experience the same errors.
XpoLog Access Logs Analytics
Now that we have configured and viewed the access logs visitors behavior analytics at a higher level, XpoLog Analytics interface will assist us further with an even deeper view and analysis of anomalies and business process improvements.
The XpoLog Access Logs Analytics Interface below shows the HTTP status code errors auto-detected by XpoLog for the month of June:
The screen, presented in no time, is divided into two parts:
- Access Logs Analytics Graphs, at the top of the page, present the access log anomalies over time (the graph type can be changed at the top right of the pane).
- Access Logs Analytics Insights present the aggregated statistics of each error: its severity level, its type, the frequency of errors in the specified time range (which can be changed at the top of the page) and the percentage of the errors. Each line is dynamic and can be clicked to inquire further into a specific anomaly.
XpoLog knows how to identify each log event, scan it, and compare its content to XpoLog’s own ontology (unique proprietary dictionary). This helps XpoLog understand the severity level of the anomaly detected, and automatically shows you how severe your errors actually are.
As you can see from the screen capture above, the 500 and 501 errors are marked in red, indicating they have a high severity and should be tended to quickly (the 404 error has been given a medium severity level). Since XpoLog knows how to automatically set the severity level, you are free to set your priorities accordingly.
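The same two views (most visited URLs, then error status codes for one URL with a severity and a percentage) can be reproduced on raw logs, which is useful for checking what a dashboard reports. This is an added example, not XpoLog code: it assumes the Apache/NGINX combined log format, uses constructed sample lines, and its `severity` mapping is an assumption modeled on the page's description (5xx high, 404 medium), not XpoLog's proprietary ontology.

```python
import re
from collections import Counter

# Constructed sample lines in Apache/NGINX "combined" format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [03/Jun/2019:10:12:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.5 - - [03/Jun/2019:10:12:09 +0000] "GET /logeye/ HTTP/1.1" 500 312 "-" "Mozilla/5.0"
198.51.100.7 - - [03/Jun/2019:10:13:44 +0000] "GET /download/ HTTP/1.1" 200 2048 "-" "curl/7.64"
198.51.100.7 - - [04/Jun/2019:08:01:13 +0000] "GET /logeye/ HTTP/1.1" 404 198 "-" "curl/7.64"
192.0.2.44 - - [04/Jun/2019:08:05:30 +0000] "GET /logeye/ HTTP/1.1" 200 9001 "-" "Mozilla/5.0"
192.0.2.44 - - [05/Jun/2019:17:45:02 +0000] "POST /logeye/ HTTP/1.1" 501 150 "-" "Mozilla/5.0"
192.0.2.44 - - [05/Jun/2019:17:46:10 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
malformed line that a real log will eventually contain
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

def parse(text):
    """Yield one dict per parsable line; skip lines that do not match."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if m:
            yield m.groupdict()

def top_urls(records):
    """Equivalent of: count | group by url | order by count desc."""
    return Counter(r["url"].split("?", 1)[0] for r in records).most_common()

def severity(status):
    """Assumed mapping modeled on the page: 5xx high, 4xx (incl. 404) medium."""
    code = int(status)
    return "high" if code >= 500 else "medium" if code >= 400 else None

def url_errors(records, url):
    """Error status codes for one URL: (status, count, severity, % of its hits)."""
    hits = [r for r in records if r["url"].split("?", 1)[0] == url]
    errors = Counter(r["status"] for r in hits if severity(r["status"]))
    return [(s, n, severity(s), round(100 * n / len(hits), 1))
            for s, n in sorted(errors.items())]

if __name__ == "__main__":
    records = list(parse(SAMPLE_LOG))
    print(top_urls(records))
    print(url_errors(records, "/logeye/"))
```
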
Access Logs Analytics deep insights
You can keep drilling down further to see the root cause analysis of an anomaly. For example, click on the 404 errors (in the table under the graph) and XpoLog will automatically gather insights and show you the detailed search results for all the 404 access log errors:
The drill-down action brought us back to the XpoLog Search Interface and created a search query automatically that you can save for later use, for example, after you have fixed the error and want to verify it eliminated the anomaly.
XpoLog automatically moves you back and forth between the Search and Analytic Interfaces, depending on what you’re looking for. The more detailed information you can gather, the closer you can get to the root of the problem, and in turn, the easier it will be to address the issue.
Unique to XpoLog, these analytic insights help you stay many steps ahead of real-time errors by presenting the anomalies of all logs in your search, whether simple or complex, and by raising real-time alerts so that anomalies are addressed before the website's visitors encounter them.
It is like having a real time QA engineer (web tester) for your website at no extra cost.
Fixing the anomalies detected with XpoLog Access Logs Analytics will solve many of the painful issues every site owner experiences, such as performance and latency issues, integrity of data, security breaches, users' experience and more.
To sum up, Access Logs Analytics is a set of dashboards, made up of tables and graphs built from the content of the access logs and from best practices, that aim to visually zero in on anomalies created while users access a website. XpoLog Access Logs Analytics pinpoints insights such as error types, frequencies, geolocation, IP, timestamp and more to eliminate a web server's user-generated errors. Access logs are the forefront of the company. Fixing access log anomalies improves users' experience and their satisfaction.