Jovan Hernandez

Posted on • Originally published at jovanshernandez.com on

Using Logs to Monitor Apache Web Server

To effectively manage and monitor infrastructure, a web admin needs clear and transparent information about the types of activity going on within their servers. Server logs provide a documented footprint of all traffic and errors that occur within an environment. Apache has two main log files: error logs and access logs.

Error Logs — Apache error logs provide diagnostic information and descriptive errors that occur during a server’s uptime. They are almost always the first place to look when diagnosing and troubleshooting issues with your server and environment. Depending on your environment, your Apache error logs may be available in different folders.

Access Logs — Apache access logs record all incoming requests and traffic to a central file. For example, when someone visits your website, a log entry is created that stores the visitor’s information, such as IP address, what pages they accessed, browser information, and what time they visited. This information is critical to administrators and developers for insight into their end users’ behavior: what they are accessing, where they are accessing the site from, and with what software and operating systems.

A normal log file for Apache could have hundreds of thousands of lines that an administrator would need to parse through using command-line tools and utilities. If you are new to an environment, it could be like finding a needle in a haystack. Even for seasoned administrators, it can often be cumbersome when you are in a time-sensitive situation and you need to find the root cause of your server being down. Your issues become compounded if you are managing more than one server, and they exponentially increase if you are in an enterprise environment managing multiple infrastructures.

Why deal with a log file when you can deal with a clean dashboard graphical user interface? This is where Sumo Logic comes in.

Where normal human eyes flounder, Sumo Logic comes in to save the day. On even a somewhat low-traffic server, the amount of data that is stored in the log files gets to be very large. Eventually, a file will get too large, which in turn will require admins to rotate the log files by moving or deleting them. Configuring Sumo Logic to ingest these log files gives you a complete history of what your systems are doing and how they were performing months ago, when you no longer have an archive of those log files.

Log rotation alone is enough to cause information inconsistency issues when maintaining systems, so imagine trying to wrangle several dozen or even several hundred servers. Having logs rotated every day (and some may even require hourly rotations) from hundreds of servers would cause any IT admin to lose their mind trying to find the needle-in-a-haystack root issue. Even if you are a command-line wizard, log files become unruly very quickly. Having them all stored in one central dashboard in the cloud allows admins to oversee and maintain hundreds of servers all in one central location.

Gain extra visibility into Apache

Parsing through Apache logs can be burdensome without tools like Sumo Logic

Chances are, if you’re reading a tech blog about analytics software, you might be familiar with this scenario. Your team just finished building and deploying a brand new app. It’s been released out into the wild and everyone is excited and anxious for some public feedback. You notice activity on the server but don’t know where it’s coming from, who these users are, or what they’re doing. You start to get bug reports from certain users, yet you aren’t able to recreate those issues on your end. Other users are reporting the same bugs, while some users say they can’t even log in. You start tailing the error logs and try grepping for users who are strictly accessing via Safari on iOS, but you can’t seem to find the root cause of the reported issues. How do you launch an app, fix bugs, and keep up with all the incoming data from end users without getting overwhelmed? If only there were an analytics tool that could parse through the hundreds of thousands of lines in your log files to help identify where your users are coming from, what software they are running, and which pages they are visiting. This is where Sumo Logic comes in.

Sumo Logic captures and transforms your data analytics, providing full visibility through a clear and easy to use dashboard useful for you and your team to search, monitor, and identify specific events or outliers that occur throughout your application infrastructure. With tools such as advanced logging, traffic analysis and the ability to isolate critical errors, Sumo Logic is great for performance management and also identifying potential security threats or vulnerabilities. Sumo Logic can also be leveraged to provide better insight into how your users are navigating your site and what their experience is from reaching your site to when they sign off. Having end-user analytics improves your business with invaluable information to build a better overall experience for anyone who navigates your website.

Why use Sumo Logic with Apache?

Sumo Logic uses analytics to optimize an administrator’s ability to monitor and troubleshoot activity, allowing them to be proactive and react to issues before they affect end users. Being able to identify root issues decreases downtime, increases availability, and improves overall system performance and user experience.

Resolving issues and server downtime is certainly helpful, but combining Sumo Logic with Apache log data provides information to marketers and developers as well, not just infrastructure and systems teams. Sumo Logic provides developers with the tools to highlight customer interaction with popular web pages, identify frequent referrers or sources, and determine what devices and operating systems most users are using while visiting a website or application.

Sumo Logic is versatile in a way that allows you to install an agent into your infrastructure to allow constant loading of new log data, or you can also manually import your own log files for the data to be analyzed and displayed on custom dashboards that you choose to build. The choice is really yours on how you want Sumo Logic to parse through your data. There are so many different metrics, variables, and parameters that can be configured, the possibilities are pretty endless.

Some key metrics you can search for in Sumo Logic include:

  • Pageviews
  • IP Addresses
  • Geolocation of Users
  • Status Errors (400 and 500)
  • Browser and Software Versions
  • and more…
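
Most of the metrics listed above (all but geolocation, which needs an external IP database) can also be computed directly from an access log. The following Python is an added example, not code from the original post or from Sumo Logic; it assumes Apache's standard "combined" LogFormat, and the function names and sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Apache "combined" format: %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"
Q = r'"((?:[^"\\]|\\.)*)"'  # one quoted field; tolerates backslash-escaped quotes
COMBINED = re.compile(r'(\S+) \S+ \S+ \[([^\]]+)\] ' + Q + r' (\d{3}) (\S+) ' + Q + ' ' + Q)
# Constructed sample lines using documentation IP ranges; not real traffic.
IOS = "Mozilla/5.0 (iPhone; CPU iPhone OS 16_6 like Mac OS X) Version/16.6 Mobile/15E148 Safari/604.1"
FIREFOX = "Mozilla/5.0 (X11; Linux x86_64; rv:118.0) Gecko/20100101 Firefox/118.0"
SAMPLE = [
    f'203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "{IOS}"',
    f'203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "POST /login HTTP/1.1" 500 512 "https://example.com/" "{IOS}"',
    f'198.51.100.23 - - [10/Oct/2023:13:56:01 +0000] "GET /index.html HTTP/1.1" 200 2326 "-" "{FIREFOX}"',
    f'198.51.100.23 - - [10/Oct/2023:13:56:05 +0000] "GET /admin HTTP/1.1" 404 196 "-" "{FIREFOX}"',
    '198.51.100.23 - - [10/Oct/2023:13:56:09 +0000] "GET /a\\"b HTTP/1.1" 400 226 "-" "-"',
    'truncated line without the expected fields',
]

def parse_line(line):
    """Return a dict of fields, or None if the line is not in combined format."""
    m = COMBINED.match(line)
    if not m:
        return None
    ip, when, request, status, size, referer, agent = m.groups()
    parts = request.split()  # "METHOD PATH PROTOCOL"; malformed requests keep the raw text as path
    return {"ip": ip, "time": when, "method": parts[0] if parts else "", "status": int(status),
            "path": parts[1] if len(parts) >= 2 else request, "referer": referer, "agent": agent}

def is_ios_safari(agent):
    """Crude User-Agent test for Safari on iOS (other iOS browsers add CriOS/FxiOS tokens)."""
    return (("iPhone" in agent or "iPad" in agent) and "Safari/" in agent
            and "CriOS" not in agent and "FxiOS" not in agent)

def summarize(lines):
    """Count pageviews per path, requests per client IP, and 4xx/5xx responses."""
    stats = {"pageviews": Counter(), "clients": Counter(), "errors": Counter(),
             "ios_safari_errors": 0, "unparsed": 0}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            stats["unparsed"] += 1  # surface lines the parser skipped instead of hiding them
            continue
        stats["clients"][rec["ip"]] += 1
        if rec["status"] >= 400:
            stats["errors"]["4xx" if rec["status"] < 500 else "5xx"] += 1
            stats["ios_safari_errors"] += is_ios_safari(rec["agent"])
        elif rec["method"] == "GET":
            stats["pageviews"][rec["path"]] += 1
    return stats
```

Calling `summarize()` on an open access log file works the same way as on `SAMPLE`, since it only iterates over lines; a non-zero `unparsed` count usually means the server uses a different LogFormat.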

With Sumo Logic, teams are given a centralized location to store and view all critical Apache server logs. The business team can log in and view specific dashboards with custom metric filters that cater to their business needs, while developers and engineers can also log into the same account and view their own custom dashboards with analytics on their server performance, view errors, and find root causes all from a GUI web portal.

Not only do teams and organizations gain a better insight into their systems infrastructure, but they also gain better insight into their clients and customers’ interaction with their website or applications. It’s a win-win for both system operations and business development.


Note: This post was originally featured on Sumo Logic’s Resource Center Blog