...
Culprit Locator (or root-cause finder) is a set of ELK-based dashboards created in order to mine the log information to identify where within a failed flow that a problem originated in the most efficient and effective way. The intention is that this would be able to help the testers and developers to get issues from identification to diagnosis/fix more quickly. This application demonstrates how the traceable logs can be used to enhance troubleshooting efforts for the testers and developers. The current version is based on explicit ERROR logs to quickly locate the problem sources in terms of components or subcomponents or a series of significant log details.
...
- Given a RequestId (or TransactionId), bring all related logs across all components for investigation
- Aggregate and visualize the logs by log level as highlighting the meaningful logs with a color coding
- List up all significant logs and their details
- Provide a drilldown link for further investigation at the subcomponent level, which displays
Data Requirements (logstash)
...
- Log trracking by sub-components over time with the same color scheme with the previous dashboard
- Table of error message patterns categorizing all diffeerent error messages (to be imporved)
- Table of all relevant logs at all loglevel, scrollable for investigating the logs for the specified time period
