
New in KB: How to locate internal logs in LogPoint?

  • 19 April 2022

LogPoint stores its internal logs in the /opt/immune/var/log/ directory. The most useful log types in that directory are described below.

  1. Service logs
    /opt/immune/var/log/service/<service_name>/current
    This holds the internal service logs for each LogPoint service. The file named current is the one to which logs are currently being written. The log files are regularly rolled over, and the rolled-over files are kept in the same directory as current.
     
  2. Benchmarker Logs
    /opt/immune/var/log/benchmarker/<service_name>.log
    This contains the benchmarker data for various services. Not all services are benchmarked, but important services such as norm_front, normalizers, storehandlers, indexsearchers, premerger, and various collectors and fetchers have benchmarker data in this location.
     
  3. System Metrics Logs
    /opt/immune/var/log/system_metrics/system_metrics.log
    This contains the operating system metrics that are regularly benchmarked on the system. It records CPU usage, memory usage, network usage and hard disk usage every 1 minute.
     

  4. Audit Logs
    /opt/immune/var/log/audit/<service_name>.log
    This contains the audit logs of various services in LogPoint. For example, one of the most useful is the webserver audit log, which records which user made what changes at what time from the UI.

This information can also be obtained from LogPoint's Search, as these logs are collected by the file system collector into the _logpoint repo. They are normalized as well, so with appropriate queries we can even build dashboard widgets and alert rules on the data from these internal log files.
Some useful queries:

| chart count() by source_name
label = Benchmarker
"source_name"="/opt/immune/var/log/benchmarker/norm_front.log" | timechart avg(actual_mps)
"source_name"="/opt/immune/var/log/benchmarker/store_handler.log" | timechart avg(actual_mps)
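
The directory layout described above can be inventoried from the shell during triage. This is an added example, not LogPoint's own tooling; the function name lp_log_inventory and its output format are hypothetical, and it assumes every file other than current in a service directory is a rolled-over log.

```shell
#!/bin/sh
# Added example: list LogPoint internal logs by the four categories
# described in the article. Output: <category> <service> <path>
# Usage: lp_log_inventory [root]   (root defaults to /opt/immune/var/log)

lp_log_inventory() {
    root="${1:-/opt/immune/var/log}"
    root="${root%/}"
    [ -d "$root" ] || { echo "no such directory: $root" >&2; return 1; }

    # 1. Service logs: <root>/service/<service_name>/current.
    #    Assumption: any other regular file in the same directory is
    #    treated as a rolled-over log.
    for f in "$root"/service/*/*; do
        [ -f "$f" ] || continue
        svc=$(basename "$(dirname "$f")")
        if [ "$(basename "$f")" = "current" ]; then
            echo "service $svc $f"
        else
            echo "service-rolled $svc $f"
        fi
    done

    # 2 and 4. Benchmarker and audit logs: <root>/<kind>/<service_name>.log
    for kind in benchmarker audit; do
        for f in "$root/$kind"/*.log; do
            [ -f "$f" ] || continue
            svc=$(basename "$f" .log)
            echo "$kind $svc $f"
        done
    done

    # 3. System metrics: a single file, no per-service name.
    f="$root/system_metrics/system_metrics.log"
    if [ -f "$f" ]; then
        echo "system_metrics - $f"
    fi
    return 0
}
```

Run lp_log_inventory with no argument on the LogPoint host, or pass the root of a copied log tree when working from collected evidence.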

 
