GOL Log Analytics

Easily navigate and search time-critical log data with a touch-enabled, zoomable Web user interface



Quickly visualize your log data across timeline and any custom content

Timechart

GOL provides visualization-based data search, navigation and real-time discovery, offering interactive graphical views of massive amounts of log entries consolidated into a single GOLDB database along the event timeline. Easily spot business-critical events that peak above or dive below the normal baseline.

Zoom in for a closer view of events directly in the graphs, and quickly spot and categorize the logged sources involved in the relevant events for further investigation through cross-search, zoom-in or zoom-out, filtering or context matches.


Visually organize your log data sources for instant access and search within a selected area of interest

Netchart

Visual network graphs give a summarized view of all sources sending data to the consolidated log database, letting you quickly look at the overall infrastructure and log data transmission paths. They are useful for a quick overview of log entries received from hosts, syslog servers and other devices without creating search expressions with specific names and IP addresses.


GOL OVERVIEW, INSTALLATION, OS REQUIREMENTS AND COMPONENTS

Use cases
Clusterpark GOL is an enterprise-grade, complete log analytics software application with an open API and open database format, massively scalable across a pool of inexpensive cluster equipment. It allows our customers to store log data long term in industry-standard XML, which is cross-platform and absolutely interoperable with any 3rd-party software, while performance is taken care of by Clusterpoint DBMS with its built-in ultra-fast enterprise search engine.

GOL software enables very fast log data analysis, such as detecting security breaches, detecting application-related problems from log access in real time, spotting technical problems in network or server systems, etc.

System administrators will probably also like GOL’s command-line utility of the same name, which can deliver instant searches across billions of log records consolidated into one place: the GOLDB database. GOL outperforms the ubiquitous grep utility by thousands of times in terms of pure search speed.


Installation
The GOL installation package contains all but the optional software components, to be installed and configured for specific customer log file locations. The package currently includes installers for 32-bit and 64-bit versions of the following Linux operating systems: Suse, Centos, Debian, Fedora; as well as FreeBSD, MacOS and MS Windows Server.


Operating system requirements
GolLoaders work on Linux and MS Windows servers and workstations.


GOL components:

  • golLoader – log data loading and forwarding utility.
  • goldb – a consolidated customer log database, based on Clusterpoint Server, a scalable NoSQL document-oriented XML database with an open API.
  • gol (web application) – for searching and accessing all GOL features and benefits through the web GUI.
  • Optional components – 3rd party apps for analytics, reporting and BI.



GOLLOADER : LOG DATA LOADING AND FORWARDING

The golLoader utility can be deployed to any virtual or non-virtual servers and workstations where the log data to be collected is located. golLoader utilities deliver reliable, secure, real-time log data collection for up to tens of thousands of sources. They can monitor log files from sources in the local network as well as those situated in the organization's WAN. golLoader utilities work on Linux and Windows operating systems.

Linux and Windows event logs are forwarded to golDB for consolidation and indexing. golLoader utilities are lightweight, can be deployed quickly and are configured from the GOL interface at a single location.

For enterprise customers we deliver golLoader source code so that it can be customized to forward enterprise-specific log formats.



GOLDB : LOG DATA CONSOLIDATION AND INDEXING

Clusterpark Log Data Server stores all log records in, and accesses them from, a single database, golDB, which is serviced by Clusterpoint Server software, a general-purpose NoSQL document-oriented database management system.

golDB works as a simple XML document database, where each log record is stored as an XML document. It has a very simple and performance-efficient structure, where each tag element is named with only one or two letters to save storage space.

GolDB serves as an ONLINE data repository for all your log records. It can scale out linearly to hundreds of servers and billions of records, and still deliver Google-like search across all log data content, with free-format Internet-style ad hoc queries and relevant results provided in seconds.

All of your log files can grow for months and even years with seamless database volume scalability in clusters and with virtually no search performance decline. For mission-critical production environments you can easily configure golDB to run in multiple copies for data security and reliability, with no extra programming.

The GolDB XML document structure is well documented, and the database can be modified for integration with an enterprise's other applications.

GolDB database management is provided by a centralized management system (Web GUI). It allows you to manage single or clustered databases, user access rights and log files through a single enterprise-grade administration system and one security policy.



GOL GUI : EVENT SEARCH AND VISUALIZATION

Gol GUI provides visual search and dashboards for log entry navigation, offering highly interactive, graphical views of the amounts of log entries for easy identification of meaningful events. With a radically new approach to search, Clusterpark’s gol can find the cause and location of network incidents in seconds (rather than hours).

Gol features include:

  • Highly interactive visualization-based data discovery of amounts of log entries for easy identification of periods peaking out or diving below normal baseline;
  • Network graphs for a summarized view of all sources sending log data to golDB;
  • Extensive log event search options including Google-like regular expressions, extended search with Boolean expressions and faceted search;
  • Dashboards for real-time monitoring of applications and IT infrastructure with search queries and visual graphs;
  • Automatic alerts with custom search queries and rules for real-time identification of crucial events;
  • Saving of frequently used search patterns for use in other search cases.

Gol GUI is designed in HTML5, for modern tablet and smartphone GUIs. It works across all major web and mobile platforms.

GOOGLE-like search


Enjoy Google-like ad hoc search simplicity across all log data by using any known textual content. You can also search using text phrases, and use word / phrase wildcards and word stemming in your query terms.


Boolean expressions for complex searches


You can make very complex search queries with multi-level XML nesting, Boolean AND ( ), OR { }, NOT ~ logic, and many nested ((( … ))) expressions, combined with Google-like text search terms.


OPTIONAL COMPONENTS : EXTEND GOL CAPABILITIES
The Gol open REST-based API gives a way to extend core functionality by creating custom applications and reports. It enables integration of log data stored in the golDB database with other XML-based data analysis systems. The API is suitable for REAL-TIME web and mobile application interactivity.

It is available for development of .NET, JAVA, PHP, PYTHON, C/C++ applications, using more than 40 commands including Google-like search and finding similar content in other event sources for correlation.



FACETED NAVIGATION


Save time by using pre-filtered terms to build an expression for more effective search. This comes in handy when it is difficult to identify the components that characterize events by looking at thousands of log entries. Looking through the pre-filtered content, you can get hints about event-related content that you may not even have thought to look for, but that could prove important for further investigation of the events.


DASHBOARDS FOR REAL-TIME MONITORING


Create dashboards to monitor your applications and infrastructure in real time, even with complex search queries. GOL dashboards continually refresh as new data comes in from logged sources. As a result, real-time information is displayed and dashboard monitors show data with near-zero latency.

GOL is uniquely capable of delivering real-time monitoring of processed terabytes of data and delivering immediate results.


AUTOMATIC ALERTS FOR CRUCIAL EVENTS


Use custom search queries and rules on log data to trigger alerts. Get alerts by email or other media and troubleshoot problems before end users are affected. Use the auto-detection monitoring system on both homegrown log data formats and infrastructure servers. Save time with alerting by monitoring errors, IP addresses, problems, rules, and other patterns in real time.


DEFINE AND MAINTAIN SEARCH EXPRESSIONS


Any search expression, regardless of its complexity, can be saved for future use under the title of your choice. Saved search terms are grouped by popularity and last created. While reviewing the list, the search expressions stored below the filter name are displayed for easier selection. Save time by using saved search expressions when emerging events need quick and effective investigation.


BUILD YOUR OWN REPORTS AND APPS

Enterprise developer teams will find many ways to leverage GOL using the built-in open REST-based API, from creating custom applications that integrate data from golDB to designing specific reports for in-depth study of events and investigation results.

Our API is designed for REAL-TIME web and mobile application interactivity. The API is available for development of .NET, JAVA, PHP, PYTHON, C/C++ applications, using more than 40 commands including Google-like search and finding similar content in other event sources for correlation.
