Log Analysis

Version: 1.0.0 | License: MIT

Tags: logs errors debugging monitoring operations

Log Analysis Skill

Knowledge base for analyzing log files, identifying error patterns, and performing root cause analysis.

When to Activate

Activate this skill when:

• Analyzing application or system logs
• Identifying error patterns and anomalies
• Performing root cause analysis
• Correlating events across log sources
• Investigating production issues

Core Capabilities

Error Pattern Recognition

• Common error signatures
• Stack trace analysis
• Timeout and connection patterns
• Memory and resource issues

Log Parsing

• JSON/structured log parsing
• Apache/Nginx combined format
• Syslog format
• Application-specific formats

Correlation Techniques

• Timestamp alignment
• Request ID tracing
• User session correlation
• Service dependency mapping

References

• Error Pattern Recognition
• Log Parsing Techniques
• Common Error Patterns

Quick Reference

Error Severity Mapping

Log Level Standards

Quick Grep Patterns

# All errors
grep -iE "(ERROR|EXCEPTION|FATAL|CRITICAL)" logfile.log

# Timeouts
grep -iE "(timeout|timed out|deadline)" logfile.log

# Memory issues
grep -iE "(OOM|out of memory|heap|allocation failed)" logfile.log

# HTTP errors
grep -E "HTTP/[0-9.]+ [45][0-9]{2}" logfile.log

Analysis Workflow

1. Format Detection
   └── Identify log structure

2. Error Extraction
   └── Filter by severity

3. Pattern Grouping
   └── Count and categorize

4. Timeline Analysis
   └── Identify spikes/trends

5. Correlation
   └── Link related events

6. Root Cause Hypothesis
   └── Evidence-based conclusions

Integration

• Used by ops-analyst agent
• Triggered by /ops:logs command
• Feeds into /ops:postmortem for incident analysis

References