IX plan to restructure value driver topics in Helix Log Analytics
Project information
Product and release | BMC Helix Log Analytics 22.4.02 |
|---|---|
Features | Important value drivers in Log Analytics should be at L1 level in docs Enriching logs Generating events from logs Extracting fields |
Content developer | Swati Malhotra |
Epic / Use cases | |
Design documents | |
Personas | |
Master space | |
Whatfix self-help plan | NA |
Product style sheet |
Use cases
Use case | Persona | Situation | Customer's information need | Delivery medium | Search keywords | Real-world example | Test case | Testing needs R&D help? | Review comments |
|---|---|---|---|---|---|---|---|---|---|
As a tenant administrator, I shall be able to enrich logs with meaningful information that will help operators to resolve an issue quickly. | Tenant administrator | Happy path | Video and wiki topic | The detailed IX plans for these use cases are added here for reference. I have prepared this IX plan to highlight that these are valueable use cases for the product. Here is the ideal flow in which we can derive value out of the product: Analyze logs (and Visualize logs) > Enrich logs > Extract fields > Generate events Based on this flow, we are proposing the changes to the L1 structure of Log Analytics doc space as mentioned in the Wiki structure topic. | |||||
As a tenant administrator, I shall be able to extract fields from log messages to use these fields to analyze and visualize logs more effectively. | Tenant administrator | Happy path | Video and wiki topic | ||||||
As a tenant administrator, I want to be notified when a condition is satified in logs. | Tennt administrator | Happy path | Video and wiki topic |
Wiki structure
In the outline, list the sets of tasks, concepts, and reference information that forms a complete workflow for the use case. Depending on the complexity of the feature, you might have multiple workflows or parent/child workflows. If possible, try to keep topics only three levels deep (L2 - L4). If a topic contains a help context ID, review guidelines on IDD Central before renaming the topic.
SM: I am putting the complete space structure here for reference, but not including sub-headings so that we can focus on the L1s.
Role | L1 - Branch | L2 | L3 | L4 | L5 | Significance | Topic type | Rich media | Writer notes | Review comments |
|---|---|---|---|---|---|---|---|---|---|---|
Release notes and notices | ||||||||||
xx.y enhancements and patches Deprecated and discontinued features Known and corrected issues | ||||||||||
Getting started | ||||||||||
Orientation Accessing and navigating the UI Supportability details Product overview Use case: Root cause analysis by using logs Learning about BMC Helix Log Analytics | MM: Consider renaming "Product overview" to "Overview of BMC Helix Log Analytics" | |||||||||
Onboarding and implementation | ||||||||||
Collecting logs | ||||||||||
Parsing logs | Massage logs into the same format - For example, putting the time stamp in the same location. | |||||||||
Filtering logs | Choose which messages within the log to include or exclude. Note that parsing and filtering are both in the same screen of the product. | |||||||||
Collecting logs from files Collecting logs from cloud (AWS) Collecting logs from Kubernetes Collecting Linux syslog records Collecting Windows event logs Collecting logs by using Logstash and Filebeat | ||||||||||
Operator | Deriving insights from logs | |||||||||
Operator | Visualizing logs | Visualizing logs is a value driver, but it can also be combined with Exploring logs. So, I have put it as L2. Please sugegst if you agree. | ||||||||
Adding value to logs | ||||||||||
Enriching logs | Bring in additional information to make sense of the logs. | |||||||||
Adding enrichment sources Creating enrichment policies | ||||||||||
Extracting fields | Divide the log message into separate fields. | |||||||||
Order for applying policies | Sequence in which policies are applied to logs: Extraction Enrichment Alert | SM: This topic is related to three topics - Extracting fields, Generating events from logs, and enriching logs. In the current arrangement, the topic fits nicely. However, in the proposed structure, I need your suggestions to put it approriately. | ||||||||
Generating events from logs | ||||||||||
Archiving and restoring logs | ||||||||||
Managing logs with REST APIs (title to be changed in 23.1) | ||||||||||
Troubleshooting | ||||||||||
PDFs and videos | ||||||||||
FAQs (title to be changed in 23.1) | ||||||||||
Related spaces |