20. Feb. 2013 by Markus
The Retrospective log analyzer was not born out of an idea we happened to have while contemplating hypothetical issues. It was initially created to help our staff on customer site involved in the complex work of software development, system integration and operation support. We had an intricate integration project with a multitude of servers such as parallel CRM instances, integration and message broker engines, redundant work-flow servers and, of course, a bunch of COTS and custom applications. As we integrated data and business processes within that environment, every functioning piece of software on our servers created log files.
In this situation we really wanted a light-weight and agile log analyzer that would enable a quick configuration of data sources on local and remote servers. It had to search through the logs quickly and present results from different sources in a unified, time-ordered fashion. From the presentation of these results, we needed to be able to dynamically narrow down the criteria and outline individual elements visually.
This is where Retrospective started developing its shape: we came up with a tool that could automatically save our log file locations in configuration profiles that reflected the right cutouts of the landscape. But we also wanted a tailing feature that would scroll the unified view over our screens when the logs were written. Narrowing down with the right search terms, we had a better understanding of how the components worked together and due to this we were immediately aware when things went wrong.
Retrospective helped us tremendously and saved a lot of time, energy and money. IT landscape complexity grows constantly and dynamically. Rather than setting up a complex and expensive SIEM solution that just never has those newly-created log files that you need in its monolithic event data base, you can now install a powerful In-memory log analyzer on your notebook or desktop that connects you to the data you need in minutes. Instead of installing data collection agents on all of your servers and archiving mountains of data that nobody might ever look at, Retrospective gets you in real-time to the logs that you need, directly from where they are written to. All you need on the remote server is an SSH connection.
Since its initial creation, a lot of elbow grease and sweat has gone into the development of Retrospective. The log analyzer has been refined all over again incorporating our experiences and lessons learnt in IT projects and users’ feedback.
In one particular project, we were dealing with a wide range of servers that performed massive batch crunching of business data. There was parallelism on several levels and completing the jobs for a large volume of data was critical for business. Of course this is the sort of situation where you prefer not to encounter errors that are causing corrupt and unusable data, ...guess what we were confronted with? The log levels were raised, causing the amount of log data to grow massively. The SIEM solution that the customer had installed was struggling to timely collect and index all of these logs, hindering us from completing the root cause analysis. Not to mention the SIEM’s browser based interface that was not as reactive and flexible as we wanted it to be.
In such situations the management quickly gets nervous and you need tools that enable you to tackle the problems. The Retrospective Log Analyzer is only fetching the data corresponds to search criteria, thus limiting the amount of transferred log data. It implements sophisticated load balancing of the data collection on the remote servers using pure SSH. Our Retrospective Log Analyzer enabled us to pinpoint the issues and solve the problems within a short space of time, without stealing the vitally important CPU power from the batch servers.
The Retrospective user interface is a smart and precise RCP front-end that had been thought through by our UX designers on more than one occassion. It enables users to work in an agile way on Windows, Mac and Linux on one, two or many more monitors. We believe that when it comes to analyzing log data, you need freedom to adapt to the specific situation. We created Retrospective as a cost-effective log analyzer serving software developers, system integrators, system administrators and operation supporters to solve critical issues. Retrospective saves time and money, enabling IT workers to focus on their work instead of wading through piles of superfluous log data. The Retrospective feature list is constantly growing. We incorporate a lot of user feedback and our product backlog is full of ideas on how to further extend our agile and decentralized approach for log data analysis and management.
Retrospective key features:
Unmatched search speed, faster than native grep commands on different OS flavors
Consistent tailing function, allowing to stream and filter on your screen in real-time
Combined log data from many sources displayed in a unified, time-sorted view
Up to 15 simultaneous SSH sessions, load-balanced server load to prevent CPU degradation
Log sources tested on Redhat, Ubuntu, Mountain Lion, Aix, HPUX (Remark: release 2.2.x only)
Flexible and editable profiles automatically created, organizing remote and local data sources
Export analysis results for processing in other software packages (Remark: release 2.2.x only)
Tabbed interface in familiar web browser style
Sophisticated multi-window and multi-monitor support, view setups savable
Bookmarking for complex search parameters and profile selections
RCP comfort on Windows, Mac and Linux platforms
Installed and configured in minutes