CU Alert: All enterprise and business applications are available. See email for additional information.
Portal Status: Green
The UIS Centralized Operational Information and Event Management service, known as LogBook, was released March 2019. The tool’s features allow UIS staff to more effectively monitor system health and detect potential issues.
What can centralized logging do for you?
Centralized logging allows for early problem detection with alerting on system health and critical events in near real-time. These logs are used almost exclusively for investigating customer-reported issues or system issues.
In distributed systems, it is sometimes difficult to identify a problem’s source system, but centralized logging allows for a wider view by searching or observing multiple sources at a time. LogBook provides UIS staff with Google-style plain language searching of logs, flexible data enrichment, quick log statistics as well as easy graphing and alerting. This improves collaborative troubleshooting across functional areas, allowing UIS to maintain reliability for systems that CU counts on.
This service has been running since October 2018 and was recently released for general availability to replace QRadar in March 2019. Several trainings taught UIS employees to use the tool with their specific systems.
Logbook replaces QRadar’s operational compliance requirements and adds the flexibility for potential new regulatory requirements. On QRadar, the department’s capacity to detect real-time activity and manage logs on its local systems was limited. By comparison, LogBook maintains a centralized logging repository for any services that connects their data to it.
UIS application owners take advantage of three primary components to simplify monitoring: Elasticsearch (datastore), Graylog (collection, search, and datastore management), and Grafana (dashboard).
The Cross-Applications Middleware team within UIS will continue working with UIS application owners and developers get the most out of this new service.