Working with the Log Correlator Sample

Introduction

This sample demonstrates the ability to create your own correlator using the Hyades tools.

Contents

This sample will use the code created for a simple log correlator to correlate log records based on the record ID. See the Log Parser Sample for the format of the log file to be parsed.
Assume that 'syslog2.log' is the filename of the log file. Here's an example of what the log file can look like:

Initialized on Jan 4, 2003
## <Error> <02.22.03.10.53.22> c:\winnt\endc.dll is missing 00000000.001
## <Error> <02.22.03.10.53.22> c:\x\class1.class is missing 00000001.001
## <Error> <02.22.03.10.53.22> WAS_HOME is not set 00000002.001
## <Error> <02.22.03.10.53.22> Null Pointer Exception 00000003.001
System idle...
Performing security checks...
## <Information> <02.22.03.13.11.10> Restoring back-up files 00000006.000
## <Information> <02.22.03.13.11.11> System passed test 00000006.001
System idle...

Only the lines that begin with "##" will appear as a log record.

Requirements

Hyades 1.2.0 or above.

Prerequisites

This sample requires the Log Parser Sample.

Correlating the syslog2.log file

  1. Run the Log Parser Sample (File > New > Example, then select Hyades Logging and Log Parser Sample).
  2. Create the syslog2.log file locally.
  3. Before running this sample, add the required plug-ins to the search path of the Workbench then create a run-time instance of the Workbench.
  4. Import the syslog2.log file using the Simple Parser V1.0.
  5. In the Profiling Monitor view, select the local hostname.
  6. Right click and then select Open With > Log Interactions.
  7. Select the Simple Correlation Engine V1.0 schema and click OK.
  8. The Sequence Diagram for Log Interactions opens to the right.
  9. In the Sequence Diagram view, you can scroll up and down to see the interactions between the two logs.
  10. Right click on a square (log record) and select Log View to get detailed information about the selected log record.