Current view: XpoLog V5. Available: XpoLog V6 and XpoLog V7 (Latest)

Skip to end of metadata
Go to start of metadata

Welcome to XpoLog 4.5

This article contains details on new features, enhancements, and general information related to the release of XpoLog Center 4.5.

Contents

Planning a New Installation or Upgrade?

Documentation Improvements

Known Issues

General System Enhancements

Storage Capacity Utilization

Data Model Optimization

Performance

Scalability and Stability

UI Changes

XpoLog Manager

Configuration Management

Automatic Data Parsing and Normalization

Automated Configuration Changes Procedures

UI Changes

Search

Augmented Search

Ad-hoc Visualizations

Dashboards Integration

Integrated PDF Generation

New Search Commands and Functions

User Tools to Build Queries, Zoom In, and Drill Down

Data Streaming

Performance

UI Changes

Dashboards

HTML5

Integrated PDF Generation

External Exposure of Dashboards

Additional Gadgets - Visualization Options

 

 

Planning a New Installation or Upgrade?

Setups are available at www.xpolog.com. Please review Plan a Deployment for details on system requirements, installation procedures, and getting started.
If you plan an upgrade from an earlier XpoLog version, please contact our support team at support@xpolog.com to get more details.

 

Documentation Improvements

We are constantly improving our documentation and resources. Recently, we published a new documentation site – http://wiki.xpolog.com, Q&A site – http://answers.xpolog.com, and technical support site – http://support.xpolog.com. We are working hard to update the resources to provide as detailed and accurate documentation as possible.

 

Known Issues for the Current Version

  1. Log type FTP is no longer available (use SSH/SFTP instead).
  2. Log type HTTP is no longer available.

 

General System Enhancements

Storage Capacity Utilization 

XpoLog automatically collects all data from the remote log sources. Stored data is maintained (compressed) in a searchable repository for as long as needed. Required capacity is 30%-40% of the original log data.

 

Data Model Optimization 

XpoLog data model management was redesigned to run in maximum efficiency and return results within seconds, from thousands of log sources and terabytes of log data.

 

Performance 

XpoLog 4.5 storage utilization optimization and new data model design significantly improve data availability and performance, returning results super-fast.

 

Scalability and Stability 

Comprehensive enhancements were implemented to increase stability and enable a MapReduce approach for high scalability to support huge logs volume.

 

UI Changes  

General UI changes were implemented, including renaming of system modules: XpoLog to Manager and XpoSearch to Search.


 


XpoLog Manager

Logs Configuration Management

Online sources management is now integrated with collected sources management. Collectors management console and Storage panel have been removed to simplify configuration management.
There now exists a single configuration and access to a log source under Folders and Logs, with the relevant collection policy
.

 

Automatic Data Parsing and Normalization

A major enhancement has been made to the patterns recognition process in order to automatically identify and normalize data into a structured model. This improvement enables a complete scan of remote log sources to get the data available in XpoLog very quickly. Further tuning of the normalization/parsing rules is available at any given time.


Automated Configuration Changes Procedures

  • Apply a naming convention on multiple logs in the environment so that log sources have a unified naming convention; for example, <server_name>_<folder_name>_<log_name>

 

UI Changes

Several UI changes were implemented in XpoLog Manager.

 


XpoLog Search

Augmented Search

Integration of knowledge layers on top of regular search results. The knowledge layers contain auto-detected problems (automatically identified by the system’s Analytics engine), predefined problems (users' custom problems saved in the system), and will contain more knowledge types in the future. The problems suggestions are presented over time, based on severity and number of occurrences, and can be accessed immediately. More> 

 

Ad-hoc Visualizations

Options have been added to create data visualization based on queries results, directly in the search console – line, bar and stack graphs, pie charts, events lists, and more. More>

 

Dashboards Integration

Integration has been added between the Search console and dashboards – any visualization can now be saved from the search directly into an existing or new dashboard. More>

 

Integrated PDF Generation

 PDF generation is now integrated directly from a search view to export results. More>

 

New Search Commands and Functions

XpoLog Search 4.5 includes the following new search commands:

  • Execute – programmatic syntax that provides users the option to execute highly complex data querying
  • Transaction – an events correlations mechanism for querying transactions events correlated from multiple sources
  • Where – constraints syntax on top of queries for applying thresholds and filtering the results accordingly
  • Time – a time measurement function between events, based on a common parameter (time distance between first occurrence to last)
  • Custom formatting – automated and custom formatting of different units of time, volumes, and more. For example, takes a numeric value which represents a volume unit, and formats it to be presented in a volume unit of bytes, Kilobytes, Megabytes, etc.

 

User Tools to Build Queries, Zoom In, and Drill Down

New tools and options are included in the new Search console:

  • Query tools (regular searches) – Added tools to add values from search results to queries, exclude from search results, replace search, and add to search to provide a more user friendly and efficient workflow on the search console.
  • Query tools (complex searches) – Added Interesting Fields section to create complex queries (aggregations, statistics, and additional functions) with the click of a button.
  • Zoom-in – Enhanced the zoom-in capabilities of the search to seconds resolution by selecting the desired time range directly on the graph. Also added a new time graph that shows the graph for the original search time range, with the zoomed-in part of the graph highlighted. This enables viewing the zoomed-in part of the graph relative to the original search time graph. 

Data Streaming


Performance

Major search optimizations have been added to isolate matching events in the environment within seconds.


UI Changes

The search console UI was thoroughly redesigned to include all of the above new functionality.

 

XpoLog Dashboards

HTML5

All charts were replaced with HTML5 (formerly it used Flash). The only gadget that uses Flash is GeoIP map.


Integrated PDF Generation

PDF generation is now integrated directly from a dashboard view or a specific gadget view. In addition, you can now schedule an automated process to send out a snapshot of dashboards as PDF.


External Exposure of Dashboards 

XpoLog exposes a direct link to dashboards and specific gadgets to enable using the dashboard’s definition in external systems and consoles.


Additional Gadgets – Visualization Options

New gadget types include pie and donut charts, stack bars, transactions visualization, and more.

 

  • No labels