another interesting (imo) tao article.
what jumped out at me is the attempt to take data normally displayed as text and move it into a visual format.
i've spent far too much time kicking this type of idea around (and def not enough time coding solutions: suX0r@me).
back in the day (at a corp which saw no value in log review) i was reviewing boatloads of event logs each morning, and doing 'page-down, page-down, page-down' on the retarded windows messages i hadn't yet parsed out on the syslog server i noticed that i was looking for a visual change in the text patterns scrolling by to get my attention. when the scrolling pattern changed, i'd page up and pay attention. i know this sucks, but the job didn't give me much time, and i figured it was better than nothing.
i ended up coding up a different solution (which i'll finish and release some day, really!) which processed all these impossible to read win log data messages and turned them into useful info (ie: bob had 12,631 failed logins in the last hour).
but the visual cue thing sticks with me to this day. i've really wanted to build a visual scoreboard very very similar to the tao post for use with either log events or with network flows (kinda like bruce potter talks about; pay attn to the outliers).
anyway, i'm not at a gig where i have visibility on big pipes anymore, or bit syslog feeds, so all my dev in this area has halted. hopefully i'll get back to it someday...
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment