{"id":7006,"date":"2021-06-11T14:22:21","date_gmt":"2021-06-11T07:22:21","guid":{"rendered":"http:\/\/gcloudvn.wam.vn\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/"},"modified":"2023-04-03T15:57:29","modified_gmt":"2023-04-03T08:57:29","slug":"phan-tich-log-de-dang-hon-voi-log-field-analytic","status":"publish","type":"post","link":"https:\/\/gcloudvn.com\/en\/kienthuc\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/","title":{"rendered":"Log analysis made easier with Log field analytic"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Google knows that programmers or operational technicians who troubleshoot applications and systems have a lot of data to sort through while finding the root cause of problems. Usually, having fields like error codes is important for finding answers and solving those problems. Today, Google announced <\/span><a href=\"https:\/\/cloud.google.com\/logging\/docs\/view\/logs-viewer-interface#custom-fields\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">log analysis<\/span><\/a><span style=\"font-weight: 400;\"> in Cloud Logging, a new way to search, filter, and understand the structure of your logs so you can find answers faster and easier than ever.<\/span><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_80 counter-hierarchy ez-toc-counter ez-toc-grey ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #999;color:#999\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewbox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #999;color:#999\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewbox=\"0 0 24 24\" version=\"1.2\" baseprofile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/#Phan_tich_log_he_thong\" >System log analysis<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/#Khac_phuc_su_co_tot_hon_bang_cach_phan_tich_cac_gia_tri_nhat_ky\" >Better troubleshooting by analyzing log values<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/#Loc_bang_cach_su_dung_cac_field_value\" >Filter using the value . fields<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/#Hieu_ro_hon_ve_nhat_ky_kiem_tra_cua_ban\" >Get a better understanding of your audit logs<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/gcloudvn.com\/en\/kienthuc\/phan-tich-log-de-dang-hon-voi-log-field-analytic\/#Bat_dau_tu_hom_nay\" >Starting from today<\/a><\/li><\/ul><\/nav><\/div>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Phan_tich_log_he_thong\"><\/span><strong>System log analysis<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Last year, Google Cloud launched <\/span><a href=\"https:\/\/cloud.google.com\/logging\/docs\/view\/logs-viewer-preview\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">Logs Explorer<\/span><\/a><span style=\"font-weight: 400;\"> to help find and analyze your system logs faster, with features like <\/span><a href=\"https:\/\/cloud.google.com\/logging\/docs\/view\/logs-viewer-interface#log-fields-features\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">Log fields pane<\/span><\/a><span style=\"font-weight: 400;\"> and <\/span><a href=\"https:\/\/cloud.google.com\/logging\/docs\/view\/logs-viewer-interface#histogram-panel\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">histogram<\/span><\/a><span style=\"font-weight: 400;\">, as well as <\/span><a href=\"https:\/\/cloud.google.com\/logging\/docs\/view\/building-queries#saved-queries\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">saved and shared queries<\/span><\/a><span style=\"font-weight: 400;\">. In Logs Explorer, the Log fields pane and histogram both provide useful information to help analyze your logs.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">With the Log fields pane, each resource type, maps to a specific Google Cloud service like <a href=\"https:\/\/gcloudvn.com\/en\/bigquery\/\">BigQuery<\/a> or <a href=\"https:\/\/gcloudvn.com\/en\/google-kubernetes-engine-gke\/\">Google Kubernetes Engine<\/a> (GKE), consisting of a set of fields and default values found in the log loaded into Logs Explorer. The log field includes the name of the log field, a list of values, and the total number of logs that fall within that category. Let&#039;s look at these terms more precisely:<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Log fields \u2013 These are specific fields in your log. All logs in Cloud Logging use message format <\/span><a href=\"https:\/\/cloud.google.com\/logging\/docs\/reference\/v2\/rest\/v2\/LogEntry\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">LogEntry<\/span><\/a><span style=\"font-weight: 400;\">. For example, the logName field is present in all logs in Cloud Logging. When you log it, it also includes textPayload, jsonPayload or protoPayload fields such as jsonPayload.http_req_status.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Log field value \u2013 The value of a specific log field. For example, for a log entry with a jsonPayload.http_req_status field, some sample values could be \u201c200\u201d, \u201c404\u201d, or \u201c500\u201d.<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">You can now get a complete list of values for the selected log fields and count the number of logs that match the value using log field analysis. You can analyze the application or system logs using the fields in jsonPayload or protoPayloads of the log entries and then easily refine your query by selecting the field values to see the details of the log entries. appropriate log.<\/span><\/p>\n<figure id=\"attachment_19272\" aria-describedby=\"caption-attachment-19272\" style=\"width: 614px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-19272\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/CloudLogging_pane.gif\" alt=\"A view of the Logs fields pane in Cloud Logging\" width=\"614\" height=\"385\" \/><figcaption id=\"caption-attachment-19272\" class=\"wp-caption-text\"><em>A view of the Logs fields pane in Cloud Logging<\/em><\/figcaption><\/figure>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Khac_phuc_su_co_tot_hon_bang_cach_phan_tich_cac_gia_tri_nhat_ky\"><\/span><strong>Better troubleshooting by analyzing log values<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Log field analysis makes it easy to quickly detect unexpected values. By adding a field to the Log fields pane, you can see all the values that appear in the log and then select any value to filter the log by those values.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">In this sample e-commerce app, Google added the jsonPayload.http_req_path field and can now view the request paths over time. In the screenshot below, it is easy to see that there are some unexpected values that indicate a problem, such as \u201c\/products\/error\u201d and \u201cproducts\/incorrectproduct\u201d. Next to those values is the total number of matching log entries. These values can help you narrow down the cause of the error and find an easy fix.<\/span><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-19274 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/News-7.png\" alt=\"The Aggregated Logs field shows the number of entries for each http_req_path log value (messages \/products\/errors and \/products\/incorrect products)\" width=\"241\" height=\"500\" \/><\/p>\n<p style=\"text-align: justify;\"><i><span style=\"font-weight: 400;\">The Aggregated Logs field shows the number of entries for each http_req_path log value (messages \/products\/errors and \/products\/incorrect products)<\/span><\/i><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Loc_bang_cach_su_dung_cac_field_value\"><\/span><strong>Filter using the value . fields<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">The field value selection in the Log fields pane can be used to refine your query so that you can only view logs that contain the selected value. In the Google example above using the jsonPayload.http_req_path field, it is possible to select a specific value, \u201c\/cart\u201d in this case, and see the log broken down by severity.<\/span><\/p>\n<figure id=\"attachment_19276\" aria-describedby=\"caption-attachment-19276\" style=\"width: 241px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-19276 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/News-8.png\" alt=\"Aggregate log entries for a selected http_req_path (selected notifications\/carts)\" width=\"241\" height=\"500\" \/><figcaption id=\"caption-attachment-19276\" class=\"wp-caption-text\">Aggregate log entries for a selected http_req_path (selected notifications\/carts)<\/figcaption><\/figure>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Hieu_ro_hon_ve_nhat_ky_kiem_tra_cua_ban\"><\/span><strong>Get a better understanding of your audit logs<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Using log field analysis, you can easily find values in audit logs for services <a href=\"https:\/\/gcloudvn.com\/en\/google-cloud-platform\/\">Google Cloud Platform<\/a>. For example, you might want to identify accounts that are requesting data access for a particular GKE cluster. If you add the protoPayload.authenticationInfo.principal Email field as a custom field to the Log fields pane, you&#039;ll get both a list of the accounts that made the request and the number of log entries for each account value.<\/span><\/p>\n<p style=\"text-align: justify;\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-19278 size-full\" src=\"https:\/\/gcloudvn.com\/wp-content\/uploads\/2021\/06\/News-9.png\" alt=\"Log fields show the number of log entries for each principalEmail value\" width=\"219\" height=\"500\" \/><\/p>\n<p style=\"text-align: justify;\"><i><span style=\"font-weight: 400;\">Log fields show the number of log entries for each principalEmail value<\/span><\/i><\/p>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"Bat_dau_tu_hom_nay\"><\/span><strong>Starting from today<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400;\">Log field analysis, and Histogram are features that Google recently added to Logs Explorer and they are ready for you to use today. But don&#039;t stop there! Please join <\/span><a href=\"https:\/\/groups.google.com\/g\/google-stackdriver-discussion\" target=\"_blank\" rel=\"nofollow noopener\"><span style=\"font-weight: 400;\">discussion forum<\/span><\/a><span style=\"font-weight: 400;\"> of Google Cloud for more information on what&#039;s coming next and to provide feedback on your experience using Cloud Logging.<\/span><\/p>\n<p style=\"text-align: right;\"><strong>Source: Gimasys<\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>Google knows that programmers or operational technicians troubleshooting applications and systems have a lot of data to sort through while finding the root cause of\u2026<\/p>","protected":false},"author":1,"featured_media":7007,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-7006","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kienthuc","entry","has-media"],"_links":{"self":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/7006","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/comments?post=7006"}],"version-history":[{"count":0,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/posts\/7006\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media\/7007"}],"wp:attachment":[{"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/media?parent=7006"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/categories?post=7006"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gcloudvn.com\/en\/wp-json\/wp\/v2\/tags?post=7006"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}