Capacity Management: Monitor
Rather than installing agent-based monitors, utilization can be very effectively monitored through log data especially considering that a Log Intelligence infrastructure is typically already in place to support other ITSM processes. Log data can be automatically analyzed against pre-set thresholds to trigger warnings. Many applications also have built-in thresholds and will automatically generate log messages when the application is nearing capacity. For example, most systems will warn when disk space, or CPU utilization are nearing capacity. No external instrumentation is required for this type of monitoring other than a log management system to receive and display (or transfer) the warning.
Typical capacity related alerts that can be triggered based on log data include when thresholds are exceeded for:
- CPU utilization
- Memory utilization
- Transactions (messages) per second
- Bandwidth utilization
- Total number of logins
- Total number of (VPN, Firewall) connections
- Frequency of data or program access
All thresholds should be set for the normal operating level as determined during the assessment phase. There should still be sufficient time to take corrective action before SLAs are breached.
In addition to static, manually configured thresholds, Log Intelligence solutions can also automatically create a baseline of normal activity levels. If these levels are exceeded an alarm can be triggered.