Welcome!

Linux Containers Authors: Liz McMillan, Yeshim Deniz, Elizabeth White, Pat Romanski, Stackify Blog

Related Topics: @DevOpsSummit, Java IoT, Linux Containers, Containers Expo Blog, @DXWorldExpo

@DevOpsSummit: Blog Post

JSON Formatting of IIS By @TrevParsons | @DevOpsSummit [#DevOps]

Installing NXLOG is as easy as downloading an MSI and clicking install

How to Implement JSON Formatting of IIS for Analytics and Troubleshooting

Previously, we wrote about setting up a Windows environment to log JSON formatted logs using our Windows Agent or our DataHub.  Now we'll tackle IIS.

IIS, like Windows, has a unique log format that makes it difficult to read, parse, and garner useful information.  The log is a flat file that has a line-per-web hit; similar to Apache or Nginx. But, it's not as easy to format into JSON as Apache and Nginix.

example of IIS log data
Using the tricks we learned formatting Windows Event Logs as JSON we can use the same tools to get IIS into JSON formatted logs, and use our more advanced analytics features.

JSON formatting of IIS

Step 1: Setup NXLOG

If you haven't followed the instructions on getting NXLOG setup on your Windows machine, we need to first install NXLOG. Installing NXLOG is as easy as downloading an MSI and clicking install.

Step 2: Configuration

Similar to the Windows JSON formatting, there are two separate configurations for IIS. Depending on whether or not you're using the Windows Agent from Logentries or the DataHub - your configuration steps will be different.

DataHub/Syslog Configuration

This configuration file will assist in setting up NXLOG to use with the DataHub or direct syslog configuration.

First, copy the downloaded file to the NXLOG configuration path (typically C:\Program Files (x86)\NXLOG\CONF). Then, make the following changes to that file:

  1. If for some reason NXLOG gets installed to C:\Program Files instead of C:\Program Files (x86), you'll need to uncomment the ROOT definition at the start of the config file for the proper installation directory.
  2. Change the EventLog format to mseventlog instead of msvistalog if you're utilizing Windows 2003 or prior.
  3. Update the file location of IIS logs (on line 67 of the configuration file) to point to the location of IIS log files on the system.
  4. Enter in your DataHub IP and Port in the output definition at the bottom of the file.
  5. Start NXLOG from the Services application.

Direct Agent Configuration

Using the Windows Agent in Logentries has the added benefit of sending over system stats as well (CPU, Memory, Network, etc.)  The configuration is similar, but has a few more steps to allow the Windows Agent to follow the JSON converted files.

You'll need to download the NXLOG configuration file to use with the Agent, and place it into your NXLOG installation path.

The NXLOG program acts as a JSON parser in this instance; reading in the IIS and Windows Event Logs and outputting to a flat file the Windows Agent can follow.

You'll need to perform the following steps:

  1. If for some reason NXLOG gets installed to C:\Program Files instead of C:\Program Files (x86), you'll need to uncomment the ROOT definition at the start of the config file for the proper installation directory.
  2. Change the EventLog format to mseventlog instead of msvistalog if you're utilizing Windows 2003 or prior.
  3. Update the file location of IIS logs (on line 67 of the configuration file) to point to the location of IIS log files on the system.
  4. At the bottom of the file is an area where we feed the output file.  Currently it's outputting to both C:\Test\eventlog.txt and C:\Test\iis.txt.  You'll want to change this to a more suitable location that meets your needs.
  5. Start NXLOG from the Services application.
  6. Follow the files defined in step 4 with the Windows Agent - and uncheck the other Windows Event Logs from being followed.

Now, your IIS logs will be visible in JSON inside of Logentries - but even more importantly, the advanced analytics of Logentries can now be applied against your web traffic.

IIS logs formatted in JSON

Using our advanced analytics functions you can use our dashboards and graphs to map out your applications performance, response, and other key performance indicators.

hosts_WIN-BO7C2KRGSSA_iis1_txt___Logentries 2

With our new Community Packs for IIS you can now import all important queries, dashboards, and tags for IIS with a click of a button. The IIS pack contains queries for numbers of 404, average response time, accesses per hour, and more!

Dashboard___Logentries

 

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@ThingsExpo Stories
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and ...
Founded in 2000, Chetu Inc. is a global provider of customized software development solutions and IT staff augmentation services for software technology providers. By providing clients with unparalleled niche technology expertise and industry experience, Chetu has become the premiere long-term, back-end software development partner for start-ups, SMBs, and Fortune 500 companies. Chetu is headquartered in Plantation, Florida, with thirteen offices throughout the U.S. and abroad.
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
"IBM is really all in on blockchain. We take a look at sort of the history of blockchain ledger technologies. It started out with bitcoin, Ethereum, and IBM evaluated these particular blockchain technologies and found they were anonymous and permissionless and that many companies were looking for permissioned blockchain," stated René Bostic, Technical VP of the IBM Cloud Unit in North America, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Conventi...
Michael Maximilien, better known as max or Dr. Max, is a computer scientist with IBM. At IBM Research Triangle Park, he was a principal engineer for the worldwide industry point-of-sale standard: JavaPOS. At IBM Research, some highlights include pioneering research on semantic Web services, mashups, and cloud computing, and platform-as-a-service. He joined the IBM Cloud Labs in 2014 and works closely with Pivotal Inc., to help make the Cloud Found the best PaaS.
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
"We view the cloud not as a specific technology but as a way of doing business and that way of doing business is transforming the way software, infrastructure and services are being delivered to business," explained Matthew Rosen, CEO and Director at Fusion, in this SYS-CON.tv interview at 18th Cloud Expo (http://www.CloudComputingExpo.com), held June 7-9 at the Javits Center in New York City, NY.
The Founder of NostaLab and a member of the Google Health Advisory Board, John is a unique combination of strategic thinker, marketer and entrepreneur. His career was built on the "science of advertising" combining strategy, creativity and marketing for industry-leading results. Combined with his ability to communicate complicated scientific concepts in a way that consumers and scientists alike can appreciate, John is a sought-after speaker for conferences on the forefront of healthcare science,...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
In his session at Cloud Expo, Alan Winters, U.S. Head of Business Development at MobiDev, presented a success story of an entrepreneur who has both suffered through and benefited from offshore development across multiple businesses: The smart choice, or how to select the right offshore development partner Warning signs, or how to minimize chances of making the wrong choice Collaboration, or how to establish the most effective work processes Budget control, or how to maximize project result...
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...