3 key features for log management with HP OLI

Guest Post by Shimrit Yacobi, Software Engineer and Naama Shwartzblat, Technical Marketing Manager

 

When working with complex IT systems, you can always rely on your logs to give you a clue about what went wrong. Logs can keep track of all of the interactions and events within your systems.  The challenge for large IT systems is finding what you need when there are so many log files distributed over so many devices—some of which are not even accessible.  Where do you start?

 

The solution is to use one centralized tool to collect the logs from your entire environment, store them, and provide smart search and data manipulation capabilities.

 

Today we’d like to highlight three key features of HP Operations Log Intelligence (“OLI”) to manage your logs! OLI can help remove the stress involved with maintaining and searching your logs and IT operations with:

  • Strong License model
  • Fast and advanced Search on all data
  •  Efficient Storage compression

You can try HP Operations Log Intelligence here

 

License Model:

Log data is increasing by the minute. Some tools have license models based on the volume of log data. Users have to keep track of how much data they have to ensure that their log management tool continues to function. Usually, when there is a major IT problem, log data increases exponentially (because it is keeping track of the additional error messaging). This can become really expensive under the data volume model or worse, it can cause your log management tool to fail at the time you need it most.

 

Operation Log intelligence has a license model that does not suffer from this issue. OLI is licensed on a per-node basis, so there are no restrictions on the amount of incoming log data.

 

Search:

Searching across log data sources can be very time consuming, especially in virtualized environments. Due to OLI’s natural language and fast text-based searching, domain experts are able to perform in-depth log analysis quickly and easily.

The OLI search tool includes an easy-to-use autocomplete search as well as search history, and examples of searches. It supports both simple and complex queries.

 

OLI screenshot.png

 

OLI leverages the ArcSight Common Event Format (CEF) that does not require any familiarity with source-specific log. OLI ships with a bundle of smart connectors for various log file sources, which handle the raw data and send to HP OLI messages fully indexed and available for fast searching and dash-boarding via a simple Google-like search interface. OLI provides interactive searches across all logs, a comprehensive drill-down dashboards, and real-time alerting.

The single console dashboard can search on multiple OLI’s. Each OLI instance can handle search rates of up to 100k events per second while maintaining high collection rates and storage efficiency. This allows you to collect and store all log data to support real-time incident management, compliance and other data retention requirements. 

 

Interesting search patterns can easily be converted into real-time alerts via SMTP, SNMP, or syslog for fast detection and mitigation of IT operations issues.

 

Storage:

OLI is based on HP’s well-proven ArcSight Logger technology and patents for efficient search and storage, customized specifically for IT Operational performance.

 

OLI offers multiple storage options and efficiently compresses log data at an average ratio of 10:1. All the highly compressed data is archived to provide fast returns on searches.

 

A single instance of HP OLI can capture raw logs at rates of up to 100,000 events per second, compress and store up to 42 TB of log data, and execute searches at millions of events per second.

 

How do you get started? Download the Trial here.

 

You can also learn more about HP Operations Log Intelligence in my previous blog:

 

Find out more at the homepage here: www.hp.com/go/oli

 

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
Showing results for 
Search instead for 
Do you mean 
About the Author
This account is for guest bloggers. The blog post will identify the blogger.


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation