LOGs Filtering

What

"Imagine you are in a forest and there is no road to go, you take the charge and create a way by using some flags and sticks to map the route towards the destination and you happily announce now the road is ready to be used" Other people start using it but still some do not reach the destination. Now in order to troubleshoot and find why didn't they reach there, what would you do?

  1. The natural: You will ask them their way of following the instructions on the way (which they might also not remember 100%)

  2. May be better: You will ask one of their shoe size and go back on the route and analyse their steps.

  3. Oh! thats too much effort to repeat for rest complaints. You would want to know automatically while seating at the checkpost, so how about this?

    You will install land sensors which sends you en entry of a person passing by with the point reference. Eg.

user1: started-from-checkpost > reached-big-banyan-tree > crossed-river > took-left-turn-from-tanker

From step1 to step3 what you just improvised is called automated logging in software terms.

Logging is the process of recording application actions and state to a secondary interface. Logging of meaninuful events for a software, helps in troubleshooting, debugging and testing a sofware's behavior when used in various ways.

Why In Software Testing

Now, as we know that "A good log file is an automatically produced and time-stamped documentation of events relevant to a particular system."

When I'm developing: I ensure to LOG events of importance rightly [Error, Warning, Info] and educate my peers about the relevant logs so that testing and production monitoring becomes easy.

When I'm Testing: I work with the developer to understand, where does the logs gets stored and which logs are of my imporatnce while testing a specific feature, it helps me save my efforts and increase the possibilities of noted bugs gets fixed quicker provided I learn and use backend LOGs as super useful tool.

Steps to learn:

Step 1: Because the LOGs gives the transparency on what happend behind the scene when the application was used as a user or if the application is not testable (some required processes are not up)

Now, let's say we have a huge log file which keeps changing as the realtime logs keeps getting saved in it. And you would want to read them sometimes, the truth is, you will read them quite often if you want to save your time and find things quite easier on your own.

You will think like, oh! its just a file then yes I can open the file and read with my favorite editor or vim. Wait! what this file is too to even open and real-time (new logs keepd getting added on the file: imagine 10000os of users interacting with the software in a second), I really need easier way to read them. Here you go:

1.. Read first few lines i.e read the head using head command

It is used to display the first parts of a file, it outputs the first 10 lines by default. You can use the-n option to specify the number of lines to be displayed

head -n 20 /in/this/path/logFile.log

2 As now we know head is for the beginning, what can be for ending? yes the obvious tail

Watch changes in a file in real-time with tail along with special option

tail -200f /in/this/path/logFile.log

It will display the last real-time changing 200 lines

  1. You may require to search a particular text in any file i.e. greping something

    Search with grep

    grep "want to search this string" /in/this/path/logFile.log

  2. The power of double: can we be better at understanding logs with combining different commands?

Eg. use any command with pipe symbol and grep

tail -200f /in/this/path/logFile.log | grep "want to search this string" /in/this/path/logFile.log

This will speed up your lookup, showing only the matching string (passed in grep) in the last 200 real-time logs lines in the given log file. The same you can try with any other command which returns some result and you want to filter more on top of them.

More to self learn: less and more commands

Step 2: Work for some minutes, with the person in team who have added the logs or someone who knows already to understand which LOGs are improtant to you for a particular feature/product. Ideally everytime before starting testing for any feature, the 1st query should be "Where and how do I debug or check logs"

Note If there in no machine access, there must be a inhouse protal where the logs can be easily filtered. If known of them exist, it's time to educate your peers and have anyone at-least.

Questions

  1. Write command to read last 100 lines of your file

  2. How would you search a string while reading dynamic logs

More good read: here

Tip: Also learn to check logs in user interface like browser (console and network panel in chrome devtools) or mobile ecosystem as well because the request generally starts from there i.e. if the request is failed/denied/aborted at at user interface itself, the call may not go to the backend and hence there will no logs in the backend... here you go, you know the sequence to debug now, play with it!

PreviousUseful LinksNextQuiz

Last updated