NL-Cristi / LogCatcher

Tool to help collection of logs
MIT License

Create reports that show events and logs grouped by the use case by timeframe #22

Open v-paulino opened 2 years ago

v-paulino commented 2 years ago

Hi there

When troubleshooting different use cases, the common sources of data that we search for are currently separated and in different folders, organized by the location where that information exists.

It would be useful to have a report that could show the main useful information that happened in a timeframe that we could set in the UI, grouped by troubleshooting use case.

Authentication Report .txt:

| Time Frame | source | Count | Event Ids | Error Codes | Details |
| --- | --- | --- | --- | --- | --- |
| 12h00 - 13h00 | Event Log Lsa | 3 | YYYY, XXXX, | | < event message > |
| 12h00 - 13h00 | Event Logs Kerberos | 4 | AAAA, BBBB | | < event message > |
| 12h00 - 13h00 | FREB Logs | 3 | | 401.2 | Request Summary with URL, App Pool, Authentication |
| 12h00 - 13h00 | Http Err | 3 | | 403 | http response message |

Crash Reports.txt:

| Time Frame | source | Count | Error Codes |
| --- | --- | --- | --- |
| 11h00 - 13h00 | Event Log WAS | 3 | YYYY, XXXX, |
| 11h00 - 13h00 | IIS Logs | 100 | 500 |

Currently we have different sources of information: Event Logs, IIS Logs, FREB Logs, Http Err Logs. For each entry that we find that is an error or warning, we could increment the count and collect the Event ID and the Error Code/Status Code.

To not impact the time we take to collect all the data, these reports could be generated only by the person who is troubleshooting the issues. For this, there could be a button that represents the trigger to generate such reports.

With this information we could easily identify in which time frame we had the main errors that we are looking for, depending on the use case, such as Authentication or Crashing.
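One way the aggregation proposed above could work, as an added example that is not part of the thread and not LogCatcher's code. The `USE_CASES` rules, the record shape, the function names and the sample data (including the event IDs) are assumptions made for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed rules (not LogCatcher's): source -> HTTP statuses that count; None = any error/warning.
USE_CASES = {"Authentication": {"Event Log Lsa": None, "Event Log Kerberos": None,
                                "IIS Logs": {"401", "403"}},
             "Crash": {"Event Log WAS": None, "IIS Logs": {"500", "503"}}}

def parse_iis(lines):
    """Normalise W3C extended log lines, taking column names from the #Fields directive."""
    fields = []
    for line in lines:
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line.strip() and not line.startswith("#") and fields:
            row = dict(zip(fields, line.split()))
            sub = row.get("sc-substatus", "0")  # keep the substatus, e.g. 401.2
            yield {"time": datetime.strptime(f"{row['date']} {row['time']}", "%Y-%m-%d %H:%M:%S"),
                   "source": "IIS Logs", "event_id": None,
                   "level": "Error" if int(row["sc-status"]) >= 400 else "Info",
                   "code": row["sc-status"] + ("" if sub == "0" else "." + sub)}

def build_report(records, use_case, start, end, bucket=timedelta(hours=1)):
    """Group the error/warning records of one use case by (bucket start, source)."""
    rules = USE_CASES[use_case]
    rows = defaultdict(lambda: {"count": 0, "event_ids": set(), "codes": set()})
    for r in records:
        if (not start <= r["time"] < end or r["level"] not in ("Error", "Warning")
                or r["source"] not in rules):
            continue
        wanted = rules[r["source"]]
        if wanted is not None and (r["code"] or "").split(".")[0] not in wanted:
            continue
        slot = start + bucket * ((r["time"] - start) // bucket)  # floor to bucket start
        row = rows[(slot, r["source"])]
        row["count"] += 1
        row["event_ids"] |= {r["event_id"]} - {None}
        row["codes"] |= {r["code"]} - {None}
    return dict(rows)

# Constructed sample input: IIS lines plus already-parsed event log entries (event IDs are made up).
IIS_SAMPLE = """#Fields: date time cs-method cs-uri-stem sc-status sc-substatus
2024-05-01 12:05:10 GET /app/login 401 2
2024-05-01 12:40:00 GET /app/home 200 0
2024-05-01 12:59:59 GET /app/api 500 0
2024-05-01 13:10:00 GET /app/login 403 0""".splitlines()
EVENTS = [{"time": datetime(2024, 5, 1, 12, m), "source": s, "level": lvl, "event_id": i, "code": None}
          for m, s, lvl, i in [(6, "Event Log Kerberos", "Error", 9001),
                               (7, "Event Log Kerberos", "Warning", 9002), (30, "Event Log WAS", "Error", 9100)]]
RECORDS = list(parse_iis(IIS_SAMPLE)) + EVENTS
```

Each key of the returned dictionary corresponds to one row of the report tables sketched above; the time window and bucket size are the values the UI would supply.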

NL-Cristi commented 1 year ago

@v-paulino, this is a tool for the collection of logs. Do you want to have the ability to generate the reports once the logs have been collected, or before collecting them? I'm asking this as that way I can think how the feature should be implemented.

v-paulino commented 1 year ago

Reports should be generated from data collected only and also available on the zip file. It could be implemented in one of two possible ways: during the collection stage, or during the troubleshooting stage.

During Troubleshooting stage: Sometimes we see that log-catcher takes a while to collect everything and create the zip file. In such cases, and because that is data needed mostly for troubleshooting, it could only be generated when we are doing troubleshooting and not so much during collection of data. A button describing the action, like "Generate Reports", that could generate all the implemented reports that we want could be useful.

During Collection Stage: On the other hand, collected data does not change after being collected (it shouldn't). So we can generate the reports once and read the reports many times after being generated and stored into the zip file. This approach could make sense if it would not impact the amount of time it takes to collect and generate the zip file during collection of information.