I have a requirement where I need to capture application logs(node failure, permissions etc) and product level (like Search server, Data server, Appian engines etc.) logs. Once captured an incident/ticket has to be raised in Appian (customized process)
For application logs, i know that this can be configured and a incident report can be generated with issue type, actor etc.
Can we do the same for product logs ?
Also, can we create alerts for for product logs (similar to what we do for application where we configure alerts to a particular group) ?
Thanks in advance.
Discussion posts and replies are publicly visible
There's a few ways I have seen teams deal with this. One thing you could do is to use the log reader plugin to return information from the logs and parse it out. For example, you could run a process which periodically scans the logs and triggers a process if there is an error. I've also seen a lot of projects use external log monitoring tools (e.g. Splunk). If you are on cloud, then you can use the Log Streamer to stream the results of the logs to another tool. If you're on premise, you'll have to set up the log streaming yourself.
Keep in mind that Appian cloud also has a system for alerts and monitoring available for all customers. If we find an issue, we'll proactively open a support case for you and inform you what is going on.
I'd also recommend using the Health Check. It will give you detailed information about platform wide issues and suggestions for how you can resolve issues.
Thanks Peter. WE are on-premise and looks like we need to set up the log streaming process. Could you help me with the process to do the same ?
Can you just point whatever logging tool you use to the appropriate logs? I can't really give a more specific answer than that because it will be dependent on what kind of external tool you use. Keep in mind that the cloud log streamer is just forwarding the logs to a syslogs receiver; if you're on-premise you probably don't need that because you should be able to directly access the logs directory.
We will be using Splunk to capture logs. For on-premise, yes we will have access to logs but here we need to put them to Splunk which is the single source at entriprize level for log monitoring. WIth the help of Universal Forwarder in Splunk we can read the logs in Appian is what i understand. Please correct me if i'm wrong.
Yep, that should do it!
© 2020 Appian. All rights reserved.