Why your log management software may not give you the real Dashboard experience

by Deepa Ramachandra on October 19, 2021

Visualizing log data is one of the biggest perks of using good log management software. Data is many businesses’ most critical asset. But, without proper use, a business’ data becomes just an artifact and no longer an asset. Visualization and analysis are the end goals of collating log data from their sources. The need for visualization arises from the fact that we intuitively process visual information faster than a random jumble of numbers and letters. Visualizing log data brings clarity to the application and infrastructure that is easy to read, decipher, and react to. Dashboards display information in the form of pie charts, geo charts, histograms, etc. Within a dashboard, businesses view complex log data simplified visually; when clicking through the visuals, the finer details of the Data are displayed. 

 

Though most applications offer dashboards, not all of them do it well. Some applications reset the dashboard settings when they release new versions, and others provide too many general pre-built dashboard templates instead of taking the time to create one good pre-built option for every use case. Even though a solid log agent, like our very own Stanza, should be your primary consideration when choosing a log management software, a good and reliable dashboard should be a critical factor as well. In this post, we take you through the various uses of visualizing your log data via Dashboards. The information presented should help you gauge if you are using the correct log management software for your business. 

Dashboards built with Kibana in obervIQ

Application and Web Usage stats:

In the virtual business space, companies value any insight that they can get from their data to understand the end-user personas. A good practice would be to set up a dashboard specifically for usage metrics such as:

  • top URL accessed, 
  • devices used to access the application,
  •  the location, language, and local time of the end-user.

 

 A usage dashboard can also be used to track network-based events that are logged from network devices such as firewalls, routers, and switches. It gives an overview of all the requests sent and received from and to the network, requests that were denied, and a list of all devices that are monitored in the network. This helps businesses easily capture anomalies in network behavior by comparing a standard graph to a graph with deviations from the expected. Network events such as unusual user activity, high application requests/denials, and failure in one or more network devices is easier to capture. 

 

Correlating Data to study trends:

 

In the past, when all we read were system logs, reading logs didn’t require visualizations. But, in the day of containerized microservices-based applications, reading logs manually is impossible, and skimming through all the logs ingested into a log management tool could take hours. In addition, in a landscape where logs originate from a dozen or more sources, an engineer is often left wondering which disparate system in the network is causing the error. That’s why businesses turn to visualization. In visualizing, businesses can create a correlation between the various log sources to arrive at a common outcome from all of the sources. The logs based on sequences, event patterns, and expected results are visually correlated on the dashboard. So when there is something that is of concern, businesses have the events from all the sources to compare and identify the problem areas quickly. In some scenarios, it may not be necessary to read through every log event; instead, a dashboard could convey the information businesses are looking for. For instance, a dashboard showing delayed response times from an application component could not just mean a flaw in that component, so a parallel chart of all components could present a clearer picture. 

 

Easier and quicker troubleshooting:

The biggest advantage of having a dashboard view is identifying issues even before they are reported. Monitoring the application for meeting SLAs and focussing on the KPIs set for the application is easier in the dashboard view. Businesses can react and fix an issue before it trickles down to the end-user. Often, high cardinality data that systems generally log are overlooked. To have this visualized on the dashboard makes troubleshooting more streamlined. When an issue is reported, businesses can begin with a check on the basics such as load volume, CPU usage, etc., before they move further into a detailed analysis. In some cases, the issue can be something as simple as CPU usage. Dashboards also give a clear picture of connectivity issues, helping businesses identify the areas that need some fine-tuning and avoid service disruptions.  

 

observIQ Dashboard:

observIQ offers a pre-built dashboard based on the logs ingested into your account. You can also build custom dashboards or clone an existing dashboard to create a new one. The visualization capabilities and dashboards are available to ALL users of observIQ. We do not restrict any of our users from taking advantage of this great functionality. The dashboards in observIQ are highly malleable; You get to add, edit. Delete, and position the visualization widgets based on your needs. 

 

Try using our dashboards and send us your comments. 

 

Sign Up for the observIQ Cloud Beta

Download the Splunk Solution Brief

Sign Up to receive updates on our products

observIQ Support

For support on observIQ Cloud, please contact:

support@observIQ.com

For the Open Source Log Agent, community-based support is available on our:

GitHub Repository

Sign Up for Our Newsletter