Accelerate Time to Value for Log Analytics with the Oracle Management Cloud
Guest post by Philip Brown, Director of Cloud Strategy @ Red Stack Tech.
Oracle Management Cloud is the latest innovation from Oracle, a unique on-premise and in cloud suite of monitoring, management and analytics services, meeting the individual needs of each business. This unified suite enables you to improve IT stability, prevent application outages, increase DevOps agility and harden security across your entire application and infrastructure portfolio. To find out more about Management Cloud, click here.
In this blog post, Philip will be discussing how Oracle Management Cloud can offer Log Analytics with a very quick time to value, allowing you to utilize and understand log data from your infrastructure and software stacks in a visual way.
IT, we’re our own worst enemy. I’m a technical person by background and I work with and see technology implemented all the time. The challenge for technical people is that there are always two ways of doing things and one is way more appealing than the other.
A perfect illustration of this is database backups. When I started out with Oracle it was the norm to write a shell script which would enable a database backup. As time went on the tools created by Oracle to enable and manage backups pretty much did away with the requirements for scripts. But those scripts kept getting written. As I progressed my career in IT and worked with more and more clients, I came across more and more elaborate backup scripts written in all weird and wonderful languages. Quite some time ago I shifted my focus to a ‘buy before build’ principle. This is an architecture principle which states that if you can buy / utilize something of the shelf you should do that before building your own.
The problem lies in the fact that IT people are technical in nature, why buy something off the shelf when you write your own. The problem itself is of interest to technical people; it’s a technical problem that needs to be solved. But the problem is, you are now trying to solve two problems. One is writing a backup script which can be used across your estate, across different versions of Oracle and two, is having a robust backup. The key here is that the business doesn’t care about the former they only want the latter. They want the robust backup and they want that to be achieved in the quickest time possible. Sadly by writing four pages of Perl scripts to do something that Oracle created a tool for about 15 years ago is not the way to add value.
So how does this relate to Log Analytics and the Oracle Management Cloud?
Log Analytics have been around for some time and there are lots of tools out on the market that can provide this. A very common open source Log Analytics solution is the ELK stack. ELK is Elasticsearch, Logstash and Kibana, which when put together can provide you with a Log Analytics solution. While this a completely acceptable solution to create a Log Analytics tool for me it is still a solution created by technical people for technical people.
For me, the value that you can bring to an organisation is not that you know how to glue and setup the various bits of the ELK stack together but it’s the fact that you are enabling a Log Analytics service. That’s the value; to be able to search, find and interpret information in the hundreds and millions of log files which are being generated across your infrastructure.
Oracle Management Cloud vastly improves the time to value for a Log Analytics service in a number of ways. In terms of infrastructure there is nothing to install apart from a Cloud Agent and potentially a Cloud Gateway if you want to send your Logs via a proxy before they go to the Management Cloud. This is the installation for the Cloud Agent. A script (already written for you ;-) ) and just a set of parameters which are documented.
./AgentInstall.sh AGENT_TYPE=cloud_agent AGENT_REGISTRATION_KEY=KJJD8ua8sd9asas90da0 AGENT_BASE_DIR=/u01/mgmtcloud TENANT_ID=redstack GATEWAY_HOST=redstack_proxy GATEWAY_PORT=3900 AGENT_PORT=3872
Secondly, this is the most important bit, it’s the Log Parsers. All Log Analytics tools will require you to use a Log Parser to get the most value out of the log file. A Log Parser is a regular expression which will take a line of log information and effectively chop it up into meaningful bits of information. So when you’re using your Log Analytics tool you can gain more value out of the log data itself. Creating a Log Parser requires you to be familiar with regular expressions and being able to use them against the log data, a technical challenge in itself. However, with the Oracle Management Cloud Log Analytics tool, it comes with 94 pre-configured Log Parsers. Remember this is only a starting point; more Log Parsers will inevitably be released, but 94 isn’t a bad starting point.
An example to illustrate this is looking at the Log Parser for the Database Audit XML Log Format. Each Audit Log record has a huge amount of valuable log data contained within it. However to manually create a Log Parser for this would be extremely complicated. In fact you can see how complicated it is here in the Oracle Management Cloud console. It’s the Parse Expression.
But as this has been done for you, you can now view what columns the individual log has been broken down into and which are individually searchable via the Log Analytics tool. This is just a screenshot from the Log Parser example.
Within the Log Analytics tool itself you can drag and drop all the fields which have been generated through the Log Parser. Here we can search for the different privileges which have been captured; in this case we see SYSDBA! To clarify what has been done, the Log Parsers regular expression has enabled the Log Analytics tool to search and categorize data on the privileges field seen in each audit record.
So what I wanted to illustrate in this post was the reason I like the Oracle Management Cloud Log Analytics, is that it has a very quick time to value. The infrastructure is ready for you, the Log Parsers are ready, all you need to do is deploy the agent. The challenge shouldn’t be in the deploying tool, the value shouldn’t be that you managed to do it. The challenge is how do you improve IT operations and services. The value that you bring is being able to utilize and understand the log data from your infrastructure and software stacks which is being presented visually via the Oracle Management Cloud.
To find out more about Oracle Management Cloud click here or book a call with one of our advisers.
Author’s Bio:
Philip Brown has been with Red Stack Tech for over five years, most notably in his role as Professional Services Manager and recently becoming Director of Cloud Strategy. As an active member of the Oracle community, Philip was awarded the Oracle Ace Associate in 2015. Also having presented at the Oracle User Group since 2008 and had many articles published in Oracle Scene and OTech magazines, Philip’s knowledge and professional experience in utilizing Cloud technology is highly valued amongst other professionals.