5.6 Analysis
SEA applies rules (see Section 5.11 Knowledge Rule Sets) that interpret error log contents and create meaningful problem reports—reports containing valuable analysis beyond a simple translation of log contents into a readable format. (SEA can perform translation as well, as described in Section 5.7 Translation.)
For a detailed description of analysis and the problem reports generated by analysis, see Chapter 7. In addition, Appendix A shows an example of a report generated by analysis.
5.6.1 Automatic Analysis
With the Director installed, automatic analysis of the system event log starts whenever you start your system. Because of this, SEA automatically analyzes events in the log file and generates reports as events occur.
The wsea command lets you interact with automatic analysis functions, including viewing the reports generated by automatic analysis and saving them to a file.
- 5.6.1.1 Viewing Automatic Analysis Reports
- 5.6.1.2 Logging Automatic Analysis Reports
- 5.6.1.3 Simulating Automatic Analysis
- 5.6.1.4 Resetting Automatic Analysis Results
- 5.6.1.5 Disabling and Enabling Automatic Analysis
5.6.1.1 Viewing Automatic Analysis Reports
To view the active problem reports generated by automatic analysis, use the report command:
wsea report [outtext | outhtml outputfile]Reports can be viewed on screen or saved to a file. If you do not include any output file parameter, the reports appear on screen. See Section 5.10.2 for more information about working with output files.
5.6.1.2 Logging Automatic Analysis Reports
You can tell SEA to automatically log generated problem reports into a \specific\ca\logs\prob.log file with the following command:
wsea log prob on | offIf a prob.log file already exists, new data from subsequent logging operations gets appended into the existing file. If you delete the prob.log file, SEA creates a new one as of the next logging operation.
5.6.1.3 Simulating Automatic Analysis
You can simulate automatic analysis with the following command (only available in the new common syntax):
wsea tes [nosystem]The command tests automatic analysis and the system's error logging facilities. See Section 7.7 for more information on simulating automatic analysis.
5.6.1.4 Resetting Automatic Analysis Results
Resetting can significantly impact the results of future analysis.
The following command clears the automatic analysis database (only available in the new common syntax):
wsea resThe command removes any currently active callouts and any stored analysis data such as thresholding information. The FRU configuration data and the marker of the most recently analyzed event are not removed.
Section 7.3.2 contains additional detail about resetting the automatic analysis results and the impact that resetting can have on future analysis results.
5.6.1.5 Disabling and Enabling Automatic Analysis
To enable or disable automatic analysis, use the following command:
wsea aut [on | off]If the automatic analysis process is busy when you issue the wsea aut off command, the command will not take effect until the analyzer has finished processing events already in its queue. If desired, you can force the command to take effect immediately by stopping and restarting the Director (see Sections 3.8 and 3.7).
The wsea aut on command takes effect immediately.
Automatic analysis is enabled by default, but you may want to disable it if SEA is running on a platform such as HP-UX or Linux, where a native error log is not currently analyzed.
You can verify that automatic analysis is enabled by issuing the wsea test command and observing the Real Time Monitoring display in the web interface (see Section 6.4.4.1).
5.6.2 Manual Analysis
Manual analysis is the user-initiated process of selecting a binary event log file for immediate processing using either the CLI command or the web interface (see Chapter 6).
The wsea ana command performs manual analysis as well as filtered manual analysis on a binary event log file, which can be the system event log, another log from the same system, or a log from a different system:
wsea ana [input inputfile] [out | outhtml outputfile]Filtered Manual Analysis—It is possible to create a tailored log file using filters (see Section 5.9 Creating New Binary Event Log Files) and then manually analyze the new file; however, be aware that this can result in incomplete or invalid analysis due to missing data that was filtered out.
To perform manual analysis with another syntax, see Appendix E.
By default, manual analysis processes the system event log. If you want to process a different binary log file, you must use the input keyword and specify the input file. See Section 5.10.1 for more information on input files.
By default, output from manual analysis is displayed on the screen. To save output to a file, use either the out or the outhtml keyword and provide a file name. See Section 5.10.2 for more information on output files.