Business Centric LogManagement (BCLM)™:

Understanding what to LogUnderstanding what to Log

Gerard Ibarra, PhD

What to Log

Developers sometimes do not recognize what to log or what is important to log that results in them to: Log Everything – Does not know what to log, so Log Everything – Does not know what to log, so

log everything conceivable Log Certain Things – Does not recognize what is

important to log, so log what is thought to be important

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 2

What to Log

Log Nothing – Has developed poor habits in development, so log nothing

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 3

Problems with Logging

Logging everything increases costs in: Development time Computer processing time Root cause analysis time Root cause analysis time Learning curve

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 4

Problems with Logging

Logging certain things may not provide what is needed to:

Conduct a full investigation

Find the root cause of a problem Find the root cause of a problem

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 5

Problems with Logging

Logging nothings leads to: Failing to know what a problem may be Spending more time looking for the root cause of

a problema problem Creating long-term problems because as the

systems become more complex, so does the problems, and finding and fixing them gets harder to do

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 6

How to Reduce Risks

Know what is important to keep the systems operating as designedLog what is importantDevelop standards for loggingDevelop standards for loggingGet into good habits about logging

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 7

Action Plan for Reducing Risk

Incorporate the Business Centric Log Management (BCLM) (BCLM) methodology

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 8

What is Business Centric Log Management

The BCLM methodology is a process that focuses on doing what is right for the company. It steers away from looking at an individual service or department. It individual service or department. It concentrates on what is best for the system. System is defined herein as the applications, servers, services, and networks of the company acting as one to meet an overall need.

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 9

Event

What is Business Centric Log Management

The Business Centric Log Management is a methodology that identifies events critical to the system based on

Eventto the system based on the business

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 10

System

BCLM helps a company to: Identify the events that are important to the

systems Relate the events to the goals and strategies of

What does Business Centric Log Management do

Relate the events to the goals and strategies of the business Rank the events based on criticality Tie the IT department to the business

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 11

What does Business Centric Log Management do

It unlocks the hidden information from the company’s systemsIt makes sense of their log dataIt turns the information into corporate assetsIt turns the information into corporate assets

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 12

Business Centric Log Management

Methodology

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 13

Business Centric Log Management

Buy-in: Get the executives to buy-in to the process since it involves multiple departmentsSystems Thinking: Think in terms of a system where the whole is greater than the partswhere the whole is greater than the partsBusiness Centric Methodology: Identify and define terms and processes – get everyone on the same page

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 14

Proc

ess

Mod

elBusiness Centric Log Management

Proc

ess

Mod

el

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 15

Business Centric Log Management

Collect the data Executive Buy-in – empowers the process since it

requires cross functional involvement Involvement – get the other departments involve Involvement – get the other departments involve Catalog – take an inventory of the systems; map

out how they relate to each other

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 16

Business Centric Log Management

Identify – identify what is important to the business; connect the applications and services to the business Matrix – rank the importance of the items; define Matrix – rank the importance of the items; define

those events that are critical; focus on those that make up 80% of problems for the business

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 17

Analyze the data Statistics – determine what statistics and or

methodologies are applicable to diagnose the systems using a log management and analysis tool

Business Centric Log Management

systems using a log management and analysis tool Analysis – perform the necessary analysis to

determine what the systems are doing based on the current conditions Interpret – what does the results mean and how

does it affect the systems and hence business

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 18

Business Centric Log Management

Results – review findings with appropriate parties Solutions - fix those events that can be fixed and

develop contingency plans for the others

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 19

Business Centric Log Management

View the systems Monitor – monitor the systems using the log

management and analysis tool (such as Violog) and maintain focus on the defined critical eventsand maintain focus on the defined critical events Alert – alert only the necessary individuals based

on predefined criteria by the company Act – initiate contingency plans based on out-of-

compliance systems

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 20

Business Centric Log Management

Resolve – fix any problems that could not be fixed previously due to resources or technology, and if fixed, go back to the identification process and repeat the process since there is a new base statefor the systemfor the system

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 21

Value Proposition

The BCLM process allows companies to: View the Health of the System – how the various

systems act as one overall system Align IT with the Goals and Strategies of the Align IT with the Goals and Strategies of the

Business – better accountability Boost Efficiencies – since only data that is

pertinent to the business is being viewed it reduces the amount of noise

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 22

Value Proposition

Make Better Decisions – know in advance how changes to the current systems would affect the overall system and business

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 23

Benefit to the Company

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 24

Benefit to the Company

Efficiency – Get to the root cause quickerDiagnosis – Find out what is going on with the systemsAnalysis – Do “what if scenarios”Analysis – Do “what if scenarios”Communication – Communicate more effectively with others by telling them what is going on with the systems

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 25

Benefit to the Company

Service – Improve service by anticipating and reducing system degradationVisibility – See how the systems are operatingReporting – Share information with individuals Reporting – Share information with individuals and departments easily and effectively

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 26

Contact Information

Copyright © 2009 Buildwave Technologies, Inc. All rights reserved. 27