18
Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Embed Size (px)

Citation preview

Page 1: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Web Server Administration

Chapter 11Monitoring and Analyzing the

Web Environment

Page 2: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Overview

Monitor operating systems Monitor Web servers Monitor other Web applications Learn about some analysis tools

for Web servers

Page 3: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring Operating Systems Typically you analyze log files

They contain information regarding certain events

Logs are used to detect problems OS, application, or security problems

Various tools can monitor performance

Should create baseline at beginning of OS lifecycle for comparison purposes

Page 4: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring Windows Performance monitoring allows you

to compare system performance over time You can set multiple counters and

watch them in real-time Windows Task Manager highlights

CPU and memory usage You can modify services to notify

you if a service fails

Page 5: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Windows Event Viewer The event viewer contains six event types shown in the left pane

Page 6: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Windows Event Logs System and application events display

three levels of messages Information Warning Error

Because many messages can be generated, a filter focuses on what you want to see

Over time, the logs fill up so you should clear them or save them

Page 7: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring Linux Logging is controlled by the syslogd daemon Facilities represent daemons that used syslogd Most facilities are listed below

Apache uses local7

Page 8: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Eight Levels of Message Priorities in syslogd

Page 9: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring IIS IIS has specific counters for use in the

Performance Monitor The System event viewer provides

specific information If IIS did not start, you can find out why

IIS has extensive logging capabilities Default log format used by various third-

party applications that analyze logs You can create custom logs

Page 10: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Sample IIS Log

Page 11: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring ApacheError Logs

By default, syslogd sends Apache messages to /var/log/boot.log Location of the error log

ErrorLog logs/error_log logs refers to /var/log/httpd

You can create a different error log for each virtual host

Page 12: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring ApacheTransfer Logs Transfer logs tell you about the use of

your Web site Default log based on combined format

Determined by the CustomLog directive in httpd.conf

There are a number of sample formats or you can create your own

By default, they are stored in /var/log/httpd/access_log

Page 13: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring DNS BIND uses a logging statement that you

configure in named.conf Define logging in two parts

Channel defines where logging is sent Category defines what will be sent

If the channel is going to a file, use the versions option to define the number of backups Size option sets maximum size of the file print-time adds the date and time to the file

Page 14: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

BIND Categories

Page 15: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

BIND Logging Entry

logging { channel "techno_channel" {

file "named.log" versions 4 size 10m;

print-time yes; }; category "resolver" {

"techno_channel"; };};

Page 16: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Monitoring Exchange 2000 Uses Application portion of Event viewer

Should filter out informational messages because there are over 50 just when it starts

You can enable four types of logs audit – access to mailboxes protocol – commands used for SMTP, etc message tracking – senders and receivers diagnostic – analyze detailed problems

Page 17: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Analysis Tools for the Web Server Analysis tools extract system data from

logs and format the data For IIS, one of the popular tools is

WebTrends from NetIQ Helps you determine the source of Web traffic Determines which pages are most popular Nearly 50 different reports

123LogAnalyzer is available for both IIS and Apache Many reports are similar to WebTrends However, you cannot compare reports over

time

Page 18: Web Server Administration Chapter 11 Monitoring and Analyzing the Web Environment

Summary Monitoring operating systems typically

involves performance monitor graphics and analyzing log files

When monitoring systems, start with a baseline

In Windows, Event Viewer is the primary utility

BIND 9 DNS has extensive logging capability

Analysis tools take data in logs and help you make sense of it in an easy to read format