F.A.Qs

Frequently Asked Questions

If you can think up a log monitoring necessity, LoGrobot / logXray  can accommodate it.

The massive log monitoring capabilities of logXray include, but surely aren't limited to:

1.  Monitoring/Alerting on the contents of system log files (errors, strings, keywords, patterns etc)
2.  Monitoring/Alerting on custom Application log files (mysql, oracle, apache/http and much more)
3.  Alerting if certain keywords / patterns ARE NOT found inside a specific log within a specific timeframe
4.  Monitoring/Alerting on the timestamps of log files (verify specific files are being updated regularly)
5.  Monitoring several log files at the same time - (very useful if you have multiple logs to scan)
6.  The capability to monitor both live and rotated logs to ensure no critical log entries are missed
7.  Graphing the frequency with which user-specified patterns occur in log files
	Or graph for anomalies
8.  Monitoring/Alerting on the size of log files (make sure a log or file does not grow past a certain size)
9.  Monitor large log files no matter how big they are (even logs that are several GIGABYTES in size)
10. Conditional Monitoring..i.e:
	a). Alert if the value(s) in a certain column of specific log entries has a value greater than or less than x
11. View log entries on from multiple remote hosts/servers from one Web Interface (avoid having to SSH to each host)
12. ANALYSIS - Easily identify which minute or hour of the day had the most entries recorded
	- Anomaly Detection
 
More Features:

1). Configurable to run either via Zabbix, Zenoss, Nagios or CRONTAB (as a cron entry)
	a). Get email alerts & notifications on all log checks
	b). Does not require the installation of Nagios, Zabbix or Zenoss
2). Automatically send log metrics to Graphite for historical trending and visualization
	- No need for any extra configurations on your part!
3). Avoid having to read endless documentations or waste time training staff on new software
4). Monitor several different patterns in the same log
	a). Allows passing of different thresholds to each pattern
	b). Allows for the filtering of specific lines to avoid unnecessary noise
5). In-Depth Analysis: Check logs for instances of unusual behavior
	a). Can be configured to alert whenever abnormality is observed in log content, log growth and/or log update times
		i). Identifies irregularity in the activities of a monitored log
6). Manage log file checks from a central location
	- Integrate with Nagios, Zenoss, Zabbix, Sensu, Hyperic, New Relic and much more!
	- Aggregate critical log entries into one central server
7). Monitors custom Log Files of any application or database on any Linux / AIX / HP-UX / Sun Solaris host
8). Simple, pluggable command-line parameters (no need for any confusing configuration files)
	- Eliminates the need to have to re-deploy configs to remote hosts each time a log check is implemented or updated.
9). Monitor Directory File Count***
10). Can be configured to alert on the size / disk usage of all monitored log files
	Example:
		Alert if the size of /var/app/custom.app.log exceeds 10MB
11). Configurable to alert on the growth of log files
	Example:
		Alert if the most recent size of /var/log/messages is the same size it was at the time of last check
12). Monitor all or specific type of logs in a specific directory
	a). Point logxray to ANY directory with just one check!
		i). Avoid having to define separate checks for each log file
	b). Specify the type of files to exclude / include in monitoring
		i). Assign different thresholds for each file type
13). Monitor timestamps of files (ensure specific logs are being updated regularly / frequently)
	- Monitor the age of single log files or multiple log files in a directory
14). Scan specific logs via time frames (i.e. previous 20 minutes, 60 minutes,  1 day, 1 week etc)
15). Alert when expected records of events are NOT found within a set period of time
16). Scan logs for specific entries and exclude a list of user specified patterns from the result
17). Allows for monitoring of all log files, even Windows files (mounted through NFS on a UNIX server)
18). Provides information in each alert on how long ago a particular string/pattern was last found in a monitored log
19). Remote Agent Included to enable monitoring of logs on several hosts FROM ONE master server
	a). This is for users who don't have NRPE installed in their environment
		i). Allows complete control of log checks on all remote hosts / servers
20). Automatically figures out conditions on which to recover alerts, based on log content & other variables
	- No false positives
21). Automatically detects log file type and format without user intervention (if using autofig, as opposed to autonda)
22). Use ONE tool to automatically monitor any log format - Avoid using several different scripts!
23). Monitor SYSLOG files in Linux / HP-UX / SunOS / AIX (/var/log(adm)/messages, /var/log/syslog(kern.log) etc)
24). Updated regularly to meet new demands from various clients / companies
Yes.

With logrobot, there's very little you have to do.  Unlike other tools, LoGrobot does not require users to install packages, libraries or modules that are unnatural to the UNIX system in order to get it work.  It just works!

Just drop it in any directory you want, run it and that's all there is to it!
logXray and logrobot are the same.  They come together in the all of the packages available on the pricing page.  

logXray is a much faster version of the LoGrobot tool and it gives users more flexibility with regards to the number of log files it can monitor simulteneously and the number of different patterns being searched for in those logs. 

What one tool lacks, the other makes up for it. logXray is faster version of LoGrobot which can be used on any UNIX system (Linux, AIX, SunOS, HP-UX).
Yes. If your list of strings is too long or too many to fit nicely on the command line, you can instruct LoGrobot to use configuration files instead.  All you need to put in the config file(s) is the list of patterns (one per line) you want to monitor.  Nothing more.
Yes. LoGrobot automatically watches for signs of log rotation and when detected, it proceeds to scan the unread entries from the recently rotated log, in addition to monitoring the fresh live log.
Yes. LoGrobot can monitor any log file regardless of format or size.
Absolutely not! LoGrobot does not rely on any other application in order for it to monitor and alert on logs.
If you wish to visualize your log file activities, you have options.

1. You can download and install the Graphite Application
	- You may want to also install Grafana if you wish to beautify your graphs
		- We can help you with the installation of both Graphite and Grafana
	- After Graphite/Grafana is installed, simply add an entry to each log check you create
		- The entry you will need to add will include the graphite server IP and the port
			- Whenever LoGrobot sees a check with a graphite setting, it will automatically
			  send its metrics to the listed IP at the listed port.
				- Example:
					... '.*error.*' '.' 1 2 errchk -ndfoundmul graphite,52.88.12.122,2003,typical

2. Utilize the dashboard already included with the LoGrobot package
	- With this dashboard, you dont need to install Graphite.  
		- All you need is an Apache/HTTP PHP Enabled Webserver
	- You can generate on-demand charts and graphs to show the historical trend of:
		a). Application, Database, System & Network errors
		b). Volume of entries 
		c). Compare the latest metrics retrieved from a log check to past metrics
			- Know quickly if the current value is cause for concern
				i.e.
					- Why is the volume of entries today lower than that of a week ago?
					- Why did the number of errors suddenly triple in size?
					- Why is the volume of entries for the current hour so different from
					  the same hour, yesterday, the day before, 3 days ago, a week ago etc
		d). Uncover valuable pieces of information you didnt even know were available!
No.  LoGrobot / logXray has years of real life situations built into it. It has been heavily tested in QA, DEV, PrePROD and PROD environments. The tool as it is, is highly versatile and able to handle any situation you throw at it.
Yes. There is a 90 Day Money Back Guarantee. If you're not satisfied for any reason with the LoGrobot tool, by all means, please let us know. We stand proudly by our product and the time-saving, labor-eliminating services it delivers.
Absolutely. We usually complete custom development requests within 24 to 72 hours of submission. 

If your request isn't of an urgent nature, please state so in your email. 

NON-Urgent email requests will be completed within 5 business days.  Contact us for more information.
Here are the simple steps you need to take for that to happen:

If using NRPE,

	1). Simply copy the logXray zip file you just purchased to the hosts on which you have log files to monitor
	2). unzip the logXray.zip file
	3). Put the unzipped tool into whichever directory you consider your plugins or scripts directory
	4). Define an entry in the nrpe.cfg file
	5). Restart the nrpe process on the host

If using the Custom Monitoring Agent that comes with logXray:

	Place LoGrobot on all your UNIX machines.  Installation is very simple:

		1). Copy the logXray.zip file to each one of the hosts that you have log files on.
		2). Unzip the logXray.zip file, then run the installation command.

	Basically, here's all you have to do on each of your UNIX Hosts:

		unzip logXray.zip ; cd logXray
		./InstallAgent.sh     /var/tmp/logXray     1040     10.20.30.40

		Explanation of the parameters:

			/var/tmp/logXray is the default location logXray will be installed.
			1040 is the TCP port number on which the MASTER server will connect to each remote hosts
			10.20.30.40 will be the IP of the MASTER server (the primary monitoring server)

1. Simplicity - It does not require an extensive learning process to get used to. Extremely user-friendly!
	- Unlike any of our competitors, we built LoGrobot / logXray to cater directly to the everyday needs of the typical:
  	   - System Administrator - Watch system logs, security logs, mail logs and basically any logs 
  	   - Database Administrator - Monitor multiple different error codes in one log or multiple logs
  	   - Be able to easily specify exclusion patterns in areas where you wish to eliminate unnecessary noise
  	   - Monitoring Engineer - Spin up new log monitoring checks very quickly without having to develop them yourself!
  	   - Developers - Monitor important log files for errors or activity during code testing
     	   - Get alerts and / or watch progress on live graphs

2. Versatility - It can be used either as a plugin or its own standalone monitoring system
	- Usable directly on the command line to perform a wide range of different operations on logs & directories

3. Compatibility - Easily integrated with your existing monitoring system
	- Nagios
	- Zabbix
	- Zenoss
	- Sensu
	- Tivoli
	- Datadog
	- Crontab / Cron (for sending log alerts in case you dont have any monitoring system in place)
	....

4. Support - All users of LOGROBOT receive free support (custom development / live assistance)

	- When it comes to the monitoring of log files and the management of alerts on them, we understand there are
	  infinite number of ways things can be done
		- Our users are given the chance to request the development of custom features for free
			- These customer specific features will be tailored specifically towards each individual user need
				- If we believe a newly requested feature will be useful to the general public, we will
                                  add it to future releases of the LoGrobot suite!

5. Command line Usability - All necessary parameters are passable directly from the command line - No configs!

6. Modules - Unlike most tools, it does not require the installation of nonnative modules or libraries to the system
	- What that means is, there is nothing complicated for you to configure

7. Affordable - A very inexpensive log monitoring tool considering the amount of work it will save you
	- No more scripts for you to write!
	- If you need a custom feature, simply reach out us (support@logrobot.com) to develop it for you, for free!

8. Maintenance - Constantly updated for added simplicity, building of new features & polishing of the old
	- Yes, all new customers get those updates for FREE for the first year

9. Speed - Completes scanning of log files in a very short period of time
	- Can monitor multiple logs in a directory in under 1.5 second
	- Requires NO extra system configuration or new package/library acquisition for it to work.  
		- Its ready to go right out of the box!

10. Alerting - Its sole purpose is to monitor log files & alert on anything about them...i.e. content, size, timestamp etc