Through contextual clustering, we enhance diagnosis by providing the following:

1. A view of the error log and its surrounding log lines.

2. Automated grouping of error patterns based on the patterns of logs seen around the error (as same error can occur in different contexts).

3. Stores the previously seen error patterns along with its metadata (tags and comments that a user may want to assign to that error pattern) for easier diagnostics in future runs.

In the current ‘Unexpected’ tab of log analysis, every cluster is formed using an algorithm which estimates the closeness between log lines and grouping them together.

Sample normal cluster 1

Sample normal cluster 2

These clusters do not provide any detail about why or how a ‘Critical Error’, ‘Error’ and ‘Warning’ events occur.

Let's take a look at the first cluster ‘FileNotFoundException’. It has occurred once which is indicated by the new release count.

To see the context of this log line, navigate to the ‘Contextual’ tab and check for the same error log line. It will be as below:

Click on the ‘Show More’ button to display the entire context based on the window size provided earlier. Refer to the image below:

The details will appear as shown in the image below:

Now let's take a look at the second cluster which is ‘No servers found from any supplier’. For this same error log, note that it occurs in two different patterns as shown below:

Click the ‘Show More’ button will display the entire context based on the window size provided earlier as shown below:

When a pattern is repeated more than once a line is used to distinguish the occurrences of the pattern as below:

You can also add an already present tag or create a new one in the ‘Contextual’ tab using the Tag drop-down as shown below: