
Commit d1cb235

Notes, Sample Report screenhot
1 parent b230dc0 commit d1cb235


12 files changed

+1907
-4
lines changed


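--- a/README.md
+++ b/README.md
@@ -59,7 +59,8 @@ This tool is ideal if:
 
 4. **Create a configuration file:**
 ```bash
-cp etc/main.conf.dist /etc/main.conf
+mkdir -p /etc/ppmc
+cp etc/main.conf.dist /etc/ppmc/main.conf
 ```
 
 5. **Edit the configuration:**
@@ -83,10 +84,10 @@ This tool is ideal if:
 
 6. **Set up the Elasticsearch query:**
 ```bash
-cp etc/lucene_query.json.dist etc/lucene_query.json
+cp etc/lucene_query.json.dist /etc/ppmc/lucene_query.json
 ```
 
-This default query looks for error messages while filtering out noise:
+This sample query looks for error messages while filtering out noise:
 ```json
 {
 "query": {
@@ -111,7 +112,7 @@ This tool is ideal if:
 
 7. **Run the tool:**
 ```bash
-./bin/ppmc ./etc/main.conf
+./bin/ppmc /etc/ppmc/main.conf
 ```
 
 ## How It Works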

assets/readme-hero-image.png

-271 KB

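--- a/docs/NOTES.md
+++ b/docs/NOTES.md
@@ -23,3 +23,4 @@
 
 - add step 12 (cleanup) to ppmc
 - add ppmc option to disable cleanup step 12
+- allow the local filesystem as a state storage alternative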
Lines changed: 226 additions & 0 deletions
@@ -0,0 +1,226 @@
1+
{
2+
"new_patterns": [
3+
{
4+
"cluster_id": "6",
5+
"count": 32,
6+
"pattern": "SSL certificate for <*> is expiring in <*> days",
7+
"first_seen": "2025-03-07T04:15:22Z",
8+
"last_seen": "2025-03-07T23:15:22Z",
9+
"sample_log_lines": [
10+
"SSL certificate for api.example.com is expiring in 7 days",
11+
"SSL certificate for dashboard.example.org is expiring in 5 days",
12+
"SSL certificate for auth.example.net is expiring in 3 days"
13+
],
14+
"sample_doc_references": [
15+
"logs-2025.03.07/doc38",
16+
"logs-2025.03.07/doc123",
17+
"logs-2025.03.07/doc208"
18+
]
19+
},
20+
{
21+
"cluster_id": "7",
22+
"count": 21,
23+
"pattern": "Disk usage warning: <*> is at <*>% capacity",
24+
"first_seen": "2025-03-07T05:32:16Z",
25+
"last_seen": "2025-03-07T22:47:53Z",
26+
"sample_log_lines": [
27+
"Disk usage warning: /var/log is at 85% capacity",
28+
"Disk usage warning: /home is at 92% capacity",
29+
"Disk usage warning: /tmp is at 88% capacity"
30+
],
31+
"sample_doc_references": [
32+
"logs-2025.03.07/doc56",
33+
"logs-2025.03.07/doc127",
34+
"logs-2025.03.07/doc198"
35+
]
36+
},
37+
{
38+
"cluster_id": "8",
39+
"count": 18,
40+
"pattern": "Connection reset by peer while sending request to <*>",
41+
"first_seen": "2025-03-07T01:42:19Z",
42+
"last_seen": "2025-03-07T22:38:11Z",
43+
"sample_log_lines": [
44+
"Connection reset by peer while sending request to https://api.payment-provider.com/v2/transactions",
45+
"Connection reset by peer while sending request to https://auth.partner-service.org/oauth/token",
46+
"Connection reset by peer while sending request to https://cdn.assets.com/resource"
47+
],
48+
"sample_doc_references": [
49+
"logs-2025.03.07/doc43",
50+
"logs-2025.03.07/doc137",
51+
"logs-2025.03.07/doc219"
52+
]
53+
}
54+
],
55+
"disappeared_patterns": [
56+
{
57+
"cluster_id": "1",
58+
"count": 245,
59+
"pattern": "Error connecting to database at <*>: Connection timed out",
60+
"first_seen": "2025-03-06T00:15:32Z",
61+
"last_seen": "2025-03-06T23:45:17Z",
62+
"sample_log_lines": [
63+
"Error connecting to database at 10.0.1.42:3306: Connection timed out",
64+
"Error connecting to database at db.example.com:3306: Connection timed out",
65+
"Error connecting to database at 192.168.1.100:3306: Connection timed out"
66+
],
67+
"sample_doc_references": [
68+
"logs-2025.03.06/doc1",
69+
"logs-2025.03.06/doc145",
70+
"logs-2025.03.06/doc231"
71+
]
72+
},
73+
{
74+
"cluster_id": "4",
75+
"count": 124,
76+
"pattern": "Exception in thread \"main\" java.lang.OutOfMemoryError: <*>",
77+
"first_seen": "2025-03-06T03:25:48Z",
78+
"last_seen": "2025-03-06T22:17:03Z",
79+
"sample_log_lines": [
80+
"Exception in thread \"main\" java.lang.OutOfMemoryError: Java heap space",
81+
"Exception in thread \"main\" java.lang.OutOfMemoryError: GC overhead limit exceeded",
82+
"Exception in thread \"main\" java.lang.OutOfMemoryError: unable to create new native thread"
83+
],
84+
"sample_doc_references": [
85+
"logs-2025.03.06/doc42",
86+
"logs-2025.03.06/doc87",
87+
"logs-2025.03.06/doc109"
88+
]
89+
},
90+
{
91+
"cluster_id": "5",
92+
"count": 89,
93+
"pattern": "Kubernetes pod <*> in namespace <*> failed health check",
94+
"first_seen": "2025-03-06T00:32:11Z",
95+
"last_seen": "2025-03-06T23:47:29Z",
96+
"sample_log_lines": [
97+
"Kubernetes pod web-server-5d4d7 in namespace production failed health check",
98+
"Kubernetes pod db-backup-3f2a1 in namespace data-services failed health check",
99+
"Kubernetes pod cache-9b3c8 in namespace frontend failed health check"
100+
],
101+
"sample_doc_references": [
102+
"logs-2025.03.06/doc53",
103+
"logs-2025.03.06/doc167",
104+
"logs-2025.03.06/doc214"
105+
]
106+
},
107+
{
108+
"cluster_id": "11",
109+
"count": 54,
110+
"pattern": "Failed to process message from queue <*>: <*>",
111+
"first_seen": "2025-03-06T02:17:42Z",
112+
"last_seen": "2025-03-06T22:35:09Z",
113+
"sample_log_lines": [
114+
"Failed to process message from queue orders: JSON parse error at line 1 column 24",
115+
"Failed to process message from queue notifications: Message expired",
116+
"Failed to process message from queue user-events: Unknown message format"
117+
],
118+
"sample_doc_references": [
119+
"logs-2025.03.06/doc67",
120+
"logs-2025.03.06/doc132",
121+
"logs-2025.03.06/doc223"
122+
]
123+
},
124+
{
125+
"cluster_id": "12",
126+
"count": 42,
127+
"pattern": "Cache invalidation failed for key <*>",
128+
"first_seen": "2025-03-06T04:28:16Z",
129+
"last_seen": "2025-03-06T21:51:48Z",
130+
"sample_log_lines": [
131+
"Cache invalidation failed for key user:profile:12345",
132+
"Cache invalidation failed for key product:catalog:recent",
133+
"Cache invalidation failed for key system:config:endpoints"
134+
],
135+
"sample_doc_references": [
136+
"logs-2025.03.06/doc84",
137+
"logs-2025.03.06/doc156",
138+
"logs-2025.03.06/doc238"
139+
]
140+
}
141+
],
142+
"increased_patterns": [
143+
{
144+
"cluster_id": "9",
145+
"current_count": 14,
146+
"previous_count": 5,
147+
"difference": 9,
148+
"percentage_change": 180.0,
149+
"pattern": "Failed to process job <*> - timeout after <*> seconds",
150+
"first_seen": "2025-03-07T03:17:09Z",
151+
"last_seen": "2025-03-07T21:05:33Z",
152+
"sample_log_lines": [
153+
"Failed to process job export-user-data-5782 - timeout after 60 seconds",
154+
"Failed to process job generate-report-4213 - timeout after 120 seconds",
155+
"Failed to process job sync-inventory-8974 - timeout after 180 seconds"
156+
],
157+
"sample_doc_references": [
158+
"logs-2025.03.07/doc72",
159+
"logs-2025.03.07/doc158",
160+
"logs-2025.03.07/doc241"
161+
]
162+
}
163+
],
164+
"decreased_patterns": [
165+
{
166+
"cluster_id": "2",
167+
"current_count": 72,
168+
"previous_count": 187,
169+
"difference": -115,
170+
"percentage_change": -61.5,
171+
"pattern": "Failed to authenticate user <*> - invalid credentials",
172+
"first_seen": "2025-03-07T00:03:12Z",
173+
"last_seen": "2025-03-07T23:45:27Z",
174+
"sample_log_lines": [
175+
"Failed to authenticate user customer@example.org - invalid credentials",
176+
"Failed to authenticate user guest-user - invalid credentials",
177+
"Failed to authenticate user api-client-456 - invalid credentials"
178+
],
179+
"sample_doc_references": [
180+
"logs-2025.03.07/doc19",
181+
"logs-2025.03.07/doc82",
182+
"logs-2025.03.07/doc143"
183+
]
184+
},
185+
{
186+
"cluster_id": "3",
187+
"current_count": 58,
188+
"previous_count": 163,
189+
"difference": -105,
190+
"percentage_change": -64.4,
191+
"pattern": "API rate limit exceeded for user ID <*>",
192+
"first_seen": "2025-03-07T00:12:43Z",
193+
"last_seen": "2025-03-07T23:51:16Z",
194+
"sample_log_lines": [
195+
"API rate limit exceeded for user ID 6142",
196+
"API rate limit exceeded for user ID 9037",
197+
"API rate limit exceeded for user ID 2384"
198+
],
199+
"sample_doc_references": [
200+
"logs-2025.03.07/doc27",
201+
"logs-2025.03.07/doc94",
202+
"logs-2025.03.07/doc185"
203+
]
204+
},
205+
{
206+
"cluster_id": "13",
207+
"current_count": 12,
208+
"previous_count": 29,
209+
"difference": -17,
210+
"percentage_change": -58.6,
211+
"pattern": "HTTP request failed: <*> <*> returned status code <*>",
212+
"first_seen": "2025-03-07T08:43:18Z",
213+
"last_seen": "2025-03-07T20:17:32Z",
214+
"sample_log_lines": [
215+
"HTTP request failed: GET https://metrics.example.com/api/collect returned status code 502",
216+
"HTTP request failed: POST https://auth.thirdparty.org/authorize returned status code 429",
217+
"HTTP request failed: DELETE https://cloud-storage.example.net/objects/temp returned status code 403"
218+
],
219+
"sample_doc_references": [
220+
"logs-2025.03.07/doc87",
221+
"logs-2025.03.07/doc164",
222+
"logs-2025.03.07/doc232"
223+
]
224+
}
225+
]
226+
}
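Review bot: The sample log lines at new-file lines 44–46 and 216 use hostnames that are not reserved for documentation (`api.payment-provider.com`, `auth.partner-service.org`, `cdn.assets.com`, `auth.thirdparty.org`) and may resolve to real third parties; RFC 2606 names such as `https://payments.example.com/v2/transactions` would keep the sample self-contained. The sample also makes visible that `sample_log_lines` carries the raw values that `pattern` masks with `<*>` (an e-mail address at line 175, internal database addresses at lines 63 and 65), so a real report will presumably contain usernames, hosts and URLs copied from production logs. A sentence in the README stating that report files need the same access controls and retention as the source logs would cover this. The file path of this section is not shown on the page, so the note refers to it by its new-file line numbers only.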
