I think the question "Are all your logs worth consuming and if so, why?" is better asked "if so, when".
The same logs that are monitored in realtime to generate alerts should be batched once a day for trend analysis and again once a week and then once a month; sometimes a longer view shows behaviors that can be obscured in shorter windows.
I'm sure that commercial log analyzers can manage this sort of thing, but due to slow adoption and a certain amount of territorial infighting they are not a regular part of my job. Because of this I tend to write specialist parsing scripts for log handling. YMMV!
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I think the question "Are all your logs worth consuming and if so, why?" is better asked "if so, when".
The same logs that are monitored in realtime to generate alerts should be batched once a day for trend analysis and again once a week and then once a month; sometimes a longer view shows behaviors that can be obscured in shorter windows.
I'm sure that commercial log analyzers can manage this sort of thing, but due to slow adoption and a certain amount of territorial infighting they are not a regular part of my job. Because of this I tend to write specialist parsing scripts for log handling. YMMV!