May 03, 2012

Is it worthwhile to do a Daily Log Review?

Time is always at a premium for IT staff, I get that. I just started a new job, and one thing that they don't do is a Daily Log Review, which was something that we allocated time for every day at my previous position. I'm "the new guy" and don't want to come in saying things that start with the phrase, "At my old job..." but that doesn't mean I think they should implement one. Does this seem like common sense to you or am I being overly picky? Why wouldn't a company devote the resources to a Daily Log Review?


I spend 4-5 hours a day looking at all the logs my system puts out. I look for trouble spots and I have seen problems coming that could impact the system (ie OUTAGE) and have ordered preventative maintenance and schedule it to be applied soon. I also look at security issues and I keep ahead of the phone call of the boss asking me to explain .....

The real duties of my job only vaguely mention reviewing logs and I have found the time required pays off handsomely in the 1-6 month time frame. There tends to be a lot less emergencies as the logs tend to give me a fair idea what is going on system wide (I am a systems person). The security people do the same and they have learned from me that heading off issues is a lot easier than handling emergencies. Frankly I do not know if the DBA's watch their logs, I hope that they do as I can only hand hold so many departments.

If you have the time to do it, it seems like a good idea to me. Not everybody will though, so I think you have to sit down and figure out how to work it into your schedule. You may need to adjust time spent on various things before beginning to do it.

I definitely think that it is a good policy.  Not only do you provide yourself with a valuable tool for identifying the trail of events leading up to an issue and assisting in troubleshooting after a problem has arisen, it gives you a window into the daily operation of your systems/infrastructure.  As you construct the rules for your daily log review, you can start to see events in a new light, as they occur, and tag them either as something that should be looked at or a harmless event.  Eventually, you should be increasingly able to identify problems as they develop, but before they become serious.  I think it would be a positive addition to your daily practices. 

Answer this