Web Server Administration : Web Server Administration Chapter 11
Monitoring and Analyzing the Web Environment
Overview : Overview Monitor operating systems
Monitor Web servers
Monitor other Web applications
Learn about some analysis tools for Web servers
Monitoring Operating Systems : Monitoring Operating Systems Typically you analyze log files
They contain information regarding certain events
Logs are used to detect problems
OS, application, or security problems
Various tools can monitor performance
Should create baseline at beginning of OS lifecycle for comparison purposes
Monitoring Windows : Monitoring Windows Performance monitoring allows you to compare system performance over time
You can set multiple counters and watch them in real-time
Windows Task Manager highlights CPU and memory usage
You can modify services to notify you if a service fails
Windows Event Viewer : Windows Event Viewer The event viewer contains six event types shown in the left pane
Windows Event Logs : Windows Event Logs System and application events display three levels of messages
Information
Warning
Error
Because many messages can be generated, a filter focuses on what you want to see
Over time, the logs fill up so you should clear them or save them
Monitoring Linux : Monitoring Linux Logging is controlled by the syslogd daemon
Facilities represent daemons that used syslogd
Most facilities are listed below
Apache uses local7
Eight Levels of Message Priorities in syslogd : Eight Levels of Message Priorities in syslogd
Monitoring IIS : Monitoring IIS IIS has specific counters for use in the Performance Monitor
The System event viewer provides specific information
If IIS did not start, you can find out why
IIS has extensive logging capabilities
Default log format used by various third-party applications that analyze logs
You can create custom logs
Sample IIS Log : Sample IIS Log
Monitoring ApacheError Logs : Monitoring ApacheError Logs By default, syslogd sends Apache messages to /var/log/boot.log
Location of the error log
ErrorLog logs/error_log
logs refers to /var/log/httpd
You can create a different error log for each virtual host
Monitoring ApacheTransfer Logs : Monitoring ApacheTransfer Logs Transfer logs tell you about the use of your Web site
Default log based on combined format
Determined by the CustomLog directive in httpd.conf
There are a number of sample formats or you can create your own
By default, they are stored in /var/log/httpd/access_log
Monitoring DNS : Monitoring DNS BIND uses a logging statement that you configure in named.conf
Define logging in two parts
Channel defines where logging is sent
Category defines what will be sent
If the channel is going to a file, use the versions option to define the number of backups
Size option sets maximum size of the file
print-time adds the date and time to the file
BIND Categories : BIND Categories
BIND Logging Entry : BIND Logging Entry logging {
channel "techno_channel" {
file "named.log" versions 4 size 10m;
print-time yes;
};
category "resolver" {
"techno_channel";
};
};
Monitoring Exchange 2000 : Monitoring Exchange 2000 Uses Application portion of Event viewer
Should filter out informational messages because there are over 50 just when it starts
You can enable four types of logs
audit – access to mailboxes
protocol – commands used for SMTP, etc
message tracking – senders and receivers
diagnostic – analyze detailed problems
Analysis Tools for the Web Server : Analysis Tools for the Web Server Analysis tools extract system data from logs and format the data
For IIS, one of the popular tools is WebTrends from NetIQ
Helps you determine the source of Web traffic
Determines which pages are most popular
Nearly 50 different reports
123LogAnalyzer is available for both IIS and Apache
Many reports are similar to WebTrends
However, you cannot compare reports over time
Summary : Summary Monitoring operating systems typically involves performance monitor graphics and analyzing log files
When monitoring systems, start with a baseline
In Windows, Event Viewer is the primary utility
BIND 9 DNS has extensive logging capability
Analysis tools take data in logs and help you make sense of it in an easy to read format