Log Event Monitoring and Rules
“XpoLog allows us to create rules on our data so that alerts will be triggered according to our requirement”
Log Event Monitoring
XpoLog has advanced predefined monitors that can be automatically run on the specified logs at the predefined scheduled times. You also have the option of creating your own rules that will send alerts once events match the rules.
Predefined monitors are automatically run on specified logs at the predefined scheduled times, with XpoLog’s advanced monitoring engine, searching the log for events that match the defined rules. But you can also create your own rules.
In the XpoLog Log Monitor, you can create rules to monitor one specific, any, or all logs in the system.
You can define parameters and rules, the scheduling of the monitor, and the alerts that are to be sent if a matching event (one that meets the defined rules) is detected.
- There are different types of alerts, such as emails, batch execution, REST API calls, SNMP trap, JMS message, Script, and others.
- You can configure Monitors to add the matching log events, with the detected errors, to the alerts that they send.
- You can also create a complex monitoring mechanism by creating multiple Monitors that are executed together and report on failures in your logs.
- Complex Rule Monitors
XpoLog rules are not limited to finding a string or error; they can also express complex monitoring conditions.
XpoLog Analytics offers automated log event monitoring and problem isolation. It automatically scans the logs for errors, risks, and anomalies according to predefined rules.
The XpoLog search monitor is run automatically by the system at scheduled intervals and executes a search query as its monitoring rule.
XpoLog also enables you to create your own rules to monitor any or all log(s) in the system. The search monitor can be defined directly from the search console.
Rules are not limited to finding a string or error; a rule can express a complex monitoring condition, for example sending an alert if the average of a field X increases by a factor of Y in a given time frame across specific servers.
- Alerts and Notification
The XpoLog Monitor sends alerts to notify users of events in the log that match the defined rules. XpoLog offers a wide range of available alerts – Email, SNMP trap, JMS message, batch execution, REST API calls, Script, and more.
The XpoLog Monitor automatically sends alerts to notify users of events in the log that match the defined rules.
You can configure the monitor to send any of a wide range of available alerts: Email, SNMP trap, JMS message, Script, batch execution, REST API calls, etc.
You can also have the XpoLog Monitor add the matching log events with the detected errors to the alert that it sends, and even create your own complex monitoring mechanism by executing several Monitors simultaneously to report on your logs.
- Proactive Log Processing
XpoLog has a proactive engine that scans all log data as it is being added to XpoLog and identifies, without any pre-knowledge, critical problems in logs and servers.
Often, while searching for known errors, XpoLog will find unknown errors as well. Sometimes, these errors are made right at the beginning when defining a search.
For example, XpoLog will automatically send out an alert if it recognizes something the user did not ask for, or asked for in an incorrect manner, such as an incorrect configuration or a log that is showing the wrong time zone (for example, it found an error that will occur tomorrow).
XpoLog’s alerting and notification mechanism can be used for external monitoring, control or systems management consoles.
The XpoLog Monitor automatically sends out alerts once a rule (defined in the Search Monitor) is matched. The alert executes an external script. Reporting and report exporting are supported as well.
You can integrate external systems with XpoLog’s notifications and reports, and keep everything in one centralized location for your convenience.