Extracting application log messages as parameters (log4net example)

AppInternals allows you to capture method parameters. There are a lot of nice usages to that functionality and one great example was posted recently when a customer asked about capturing Cassandra statement. In the very knowledgeable reply from Koundinya Srinivasarao there was a great example for how we can capture the statement by adding a monitoring filter and extracting the statement as parameter

Another fun example for capturing method parameters is capturing application log messages and saving them as parameters. After those messages are captured you can search on them and run all sorts of fun analysis on them.


This is a log4net example:

Since iLog is an interface I searched a bit and found the following class log4net.Core.LogImpl

The following methods were the interesting ones: Info, Warning, Fatal, Error

Under normal circumstances I would only handle Fatal, Error and maybe Warning but since the application was performing flawlessly I decided to add Info so I can demonstrate this functionality. This is the monitoring filter that I added to the configuration


filters1.jpg


This was the setting for Info, the other levels had similar settings (method and parameter name was according to the level)

 

filter4.jpg

 

For full information please check our documentation

The result was capturing the messages that were logged by the application and being able to search and report on them.

 

We can see how many time a state is called by looking for the method

info1.jpg

 

We can look for a parameter

info2.jpg

 

We can also search for a parameter value to see transactions where a specific string appeared (in this case my name).

info3.jpg

 

And just like the example with the Cassandra statements we can generate a report.

| timeseries -limit 10 -group_by parameter = infomessage

info4.jpg

 

You can click on the message/parameter-value  you are interested in (popup in the screen), and get a list of the transactions that match that message. Then drill down to a specific trace and search in the call tree for that parameter/message.

callstack.jpg

 

To see the call tree and sequence of events that lead to that message click on the magnifying glass.

callstack2.jpg

 

A word of caution: this is just an example, please test this functionality properly before using it. I have instrumented info level so I can demonstrate the functionality, but in your environment less noisy and more important levels are better candidates.

 

You can also watch the process in this YouTube video

 

 

I hope you find this document useful.

 

Golan