logentries.

com

1
 logentries.com

Table of Contents
Introduction ......................................................................................................................... 5

Alerting ................................................................................................................................. 8

Tableau Performance ............................................................................................................... 9

Server Performance ................................................................................................................. 10

Third Party Tools ..................................................................................................................... 10

Integration ............................................................................................................................ 11

Moving Tableau Data Into Logentries ......................................................................................... 12

Moving Logentires Data Into Tableau ......................................................................................... 13

Monitoring ............................................................................................................................ 14

Tableau Performance ............................................................................................................... 15

Server Performance ................................................................................................................. 16

Conclusion ............................................................................................................................. 17

Case Study: Pluralsight ......................................................................................................... 18

2
 logentries.com

About the co-author, Mike Roberts

Mike has coined the A.I.M. acronym referred to throughout this paper. Additionally, Mike has over
a decade of experience with data, specializing in: databases, analytics, visualization engineering,
and scripting. He has worked with Fortune 500 companies as well as small businesses helping
them understand and implement their data and analytics infrastructure. His analytics engineering
methods start with people and context. While some industries are consumed with defaults, he
believes that data intelligence starts with giving access to information with collaboration and
scalability in mind.

About the co-author, David Posin

David has been involved in the Information Technology Industry for 2 decades. Fifteen years of
that time was spent consulting with many companies in a wide range of industries to build solid
technology stacks and robust application architectures. David has watched the Cloud and the
World Wide Web grow from their infancy, and now spends every day fully entrenched in those
worlds. Currently, David builds high-performance web applications and offers professional
technical writing services.

About Logentries
Logentries is a leading SaaS-based log management tool used for real-time log centralization,
search and analysis. DevOps, Security & IT professionals use Logentries to manage both logs
and unstructured machine data for immediate visibility into their IT environments. Logentries
seamlessly integrates with Tableau allowing you to analyze and improve the durability of your
environment. Sign up for a free Logentries account today to get started.

3
 logentries.com

Business intelligence and logging are rarely mentioned

in the same discussion which is unfortunate. When
the two disciplines come together, great things can
be accomplished. This is especially true of Logentries,
a premier logging solution, and Tableau, a business
intelligence solution. An integration between the two
technologies can be make a powerful tool for action.

This paper will provide insight into how Logentries

can best support Tableau through an implementation
dubbed A.I.M (Alerting - Integration - Monitoring).
These three words describe a powerful environment
where Logentries provides insight and actions to
enhance your Tableau environment. This paper should
serve as a starting point to considering how an A.I.M.
implementation can serve your Tableau environment.

4
 logentries.com

Introductions

Logentries
Logentries.com can deliver valuable insight to your business in order to eliminate the complexity
of managing applications and systems in today’s distributed environments. Logentries is an
extremely robust platform for aggregating, visualizing, and analyzing log data. There are several
different ways to search your log data to find actionable patterns and information. Log searching
is performed with keywords, KVP (key-value pairs), strings, regex patterns, and LEQL (Logentries
Query Language).

One of the product’s greatest strengths is its ability to integrate with other platforms. Most log
data is sent to Logentries.com through agents that run on an operating system or platform.
Integrations exist for the Mac OS, Windows, Linux, AWS Cloud Services, Logstash, Docker, and
many others. Integrations also exist with other platforms through a robust REST API and TCP/
UDP upload endpoint.

Logging is only part of what Logentries does. Logentries.com also makes log data actionable.
When logs are ingested by the system, they are examined and alerts are sent when they meet
user defined criteria. Alerts can be sent via email or through applications like Slack. Alerting is
a crucial piece for integrating Logentries and Tableau. Alerting allows for information about
Tableau’s operation to be acted on, from proactive user support to reactive system support.

Tableau
Tableau tames information and exposes it in ways that help businesses discover meaning.
Tableau’s user friendly design democratizes data by putting the ability to explore and discover
data patterns in to everyone’s hands. There are a large number of visualizations from simple line
charts to global maps that are easily usable.

The Tableau platform recognizes that one of the biggest impediments to understanding data
is noise. Large amounts of information can hide patterns that could be crucial to a business’
success. This is why Tableau’s focus on user friendly design is so important. There is no need for
users to understand the complexities of data queries. Easy tools, like a drag-and-drop interface,
obfuscate that complexity from the user.

5
 logentries.com

Strategy
Integrating Logentries and Tableau should be done with specific goals in mind. General
integration will work, but will be less useful for the organization. It’s important to consider how
the two software platforms working together will be leveraged in the organization. A proper
and robust log analytics strategy regarding Tableau’s infrastructure will enable Tableau to
become self-healing and automated; instead of guessing as to what the issue might be, Tableau
engineers are able to optimize the data platform at scale for employees and customers.

To help organize your thoughts on how to leverage the software, ask questions like
the following:

Are the alerts that will be configured in Logentries designed to improve Tableau
system operation?

Do you intend to use Logentries to notify support when user’s seem to be having
trouble with Tableau?

Is this a widespread network where multiple sources will send log data to Logentries?
If so, how is it best to visualize that information?

How automated do you want this log strategy to be?

What events should support or users be notified about?

Do you want to have the analytics platform push data back to the user?

What level of self-service to you intend to support/provide?

6
 logentries.com

If security is your top priority, how are you going to understand your customer activity
on Tableau?

How does login latency affect workbook performance?

How redundant and resilient is your Tableau infrastructure?

“ A proper and robust log analytics strategy

regarding Tableau’s infrastructure will enable
Tableau to become self-healing and automated.”

The answers to questions like these will help guide integration efforts. For example:

In a geographically diverse network, Tableau could visualize specific geographic

regions with latency issues.

In an environment trying to maximize business intelligence, Logentries could report

on slow Tableau workbooks with poor performance, slow queries, and slow filters.

Having a diverse environment with both employees and customers, you can easily
see who downloads content and in what format (png/csv/twb).

7
 logentries.com

Proactively stop a Tableau extract from executing based on log analysis.

How will the A.I.M stack improve your analytical operation? For example, if you
just monitor, then what action do you intend to take if there is consistently slow
performing content.

In a large organization, how fast can you move on alerts and what alerts can you
safely push to the end of the line?

The integrity of your Analytics infrastructure is directly related to the adoption

and use of valid and clean data: not understanding bottlenecks can lead to
inefficiencies.

“ The integrity of your Analytics infrastructure is

directly related to the adoption of the service.”

8
 logentries.com

Alerting
Integration
Monitoring

9
 logentries.com

Alerting
The reactive piece of the A.I.M. implementation is the ability to alert on Tableau operational
data from within Logentries. Alerting provides opportunities for action to resolve system and
user issues as soon as they occur. Resolving issues even before users realize they are there is a
massive boon for a successful user experience.

Tableau Performance
The speed with which issues in Tableau are addressed can be key for wide organizational
adoption. Logentries can examine data for trouble and alert the correct individuals immediately.
This is especially useful for helping users better utilize Tableau:

• If a user query takes over N seconds, then send an email to them and/or the
administrators so that the query can be optimized. Tableau administrators could reach
out to users to help them fine tune the query.

• Workbooks that are consuming too much data can be modified to be more focused
before their indexes grow too large and affect system operation.

• Dashboards that that take too long to load can be identified early and the owner can
be notified on ways to best enhance the dashboard.

• User password change requests (when Tableau is configured for local authentication)
could be fully automated through Logentries actionability.

• Logins occurring at unusual times or at an abnormal frequency are sent as immediate

action items.

• Sudden increases in downloaded data can alert the Tableau admin team

10
 logentries.com

Server Performance
Logentries can also be used to alert when the server supporting Tableau begins
to experience issues before it impacts users. Being able to address issues with the
components supporting Tableau are as important as addressing issues in Tableau. There
are a wide range of possible alerts that can be sent for supporting Tableau’s operations.

• Has the CPU or memory utilizations spiked to worrisome levels?

• Are users regularly experiencing 404s or 500s when trying to reach certain
dashboards?

• Has latency reached unacceptable levels for some urls the server provides?

• Is the server experiencing a DDOS attack?

Third Party Tools

Alerting also incorporates the use of third party tools to bring attention to an issue
even quicker than Logentries can alone. Logentries’ ability to act on log data can be
harnessed to notify administrators as soon as issues occur. Alerts can be sent over
email but that is only the beginning. Alerts can be sent from Logentries about your
Tableau implementation to a wide range of tools to make the necessary parties aware
immediately.

Here are some examples of third party tools that can be integrated for immediate
notification:

• Slack

• Hipchat

• iPhone Notifications

• Pagerduty

11
 logentries.com

Alerting
Integration
Monitoring

12
 logentries.com

Integration
Logentries and Tableau both offer multiple methods for integrating other systems with their
products. This is one part of what makes this partnership of products so powerful. They are
already equipped to work together. Depending on your needs, you may only need a connection
in one direction or both. This section will review the best integration methods for each integration
direction.

Moving Tableau Data Into Logentries

Logentries.com provides tools and resources that make sending data to Logentries
easy and powerful. The simplest integration methods to start with are the Logentries forwarding
agents.

Pulling Tableau log data into Logentries requires access to the

underlying operating system and/or file system so this is only possible
on installations you control. Tableau Online instances are not
candidates for this process.

Logentries provides agents for a large number of operating systems, including Windows. Since
Tableau runs on a Windows server, this is the most important one for integration purposes. For
more information see the Logentries Windows Agent Documentation.

One of the configuration options for the Windows Agent is “Text Logs”. Non-OS system logs are
identified here. The Logentries agent will monitor the log and upload entries. This is the section
where you need to include the path to your Tableau log data, which is probably here:

<drive>:\ProgramData\Tableau\Tableau Server\data\tabsvc\logs.

13
 logentries.com

A secondary option is to send the data to Logentries over an Internet connection using a
TCP Token. Logentries can accept data posted over a TCP or UDP connection to port 80, 514,
or 10000. A secure connection can be made to port 443. The data payload will need to include
the token id of the log to post to. The token id can be found on the log’s information page. Any
scripting language can be used as long as it has access to the Tableau log file when it runs.

Moving Logentries Data Into Tableau

Moving log data from Tableau into Logentries gives you powerful insight into how Tableau is
being used in your organization. Likewise, Tableau can be just as useful for understanding how
Logentries is being used in your organization. Alternatively, the data in Logentries can be moved
into Tableau to centralize your business intelligence, or to expose log data to a wide audience
while limiting Logentries access.

If any of these cases fit into your strategy then you will want to use the Logentries REST API to
pull data from your logs stored on Logentries.com into Tableau. The Logentries REST API provides
additional details about API usage and examples. The REST API is a robust entry point to your
Logentries data. It makes it possible to run queries against the data and return data sets. The
script to do this can be done externally to Tableau, or by using Tableau’s Web Data connector.

Mike Roberts, from Pluralsight, has created an easy to use PowerShell module for the purpose of
extracting Logentries data. The data can then be imported into Tableau. The Pluralsight case is
discussed in more detail in the Case Study presented at the end of this paper.

14
 logentries.com

Alerting
Integration
Monitoring

15
 logentries.com

Monitoring
Monitoring is the proactive portion of the A.I.M implementation. A successful monitoring strategy
will reveal trends over time. Trend data can then be examined inside Logentries and point to
proactive steps that should be taken to enhance the Tableau experience.

Tableau Performance
The performance of your Tableau system is key for wide organizational adoption. The power of
your data can only be harnessed if individuals find value in it. A slow response time or ineffective
Tableau dashboards will turn users off. The log data from Tableau can be used to understand the
performance of your Tableau implementation and how users are using it. This data can help you
understand, and therefore optimize, data such as:

• Workbook Performance

• Query Performance

• Dashboard Performance

• Most Used/Least Used

• Content permission integrity

From these details, you can further optimize and enhance your user’s Tableau experience. If you
can identify non-performant configurations in Tableau, then you can continually improve the
user experience. It won’t be necessary to wait for an alert to occur, you can proactively enhance
user experience.

16
 logentries.com

Server Performance
The best Tableau workbooks and dashboards will be useless if the underlying server can not
support it. The log data from the OS that Tableau sits on is just as valuable for optimizing the user
experience. Watching OS data over the long term will reveal weak points that can be addressed
before they affect the user.

For example, information you can monitor:

Is the the server CPU performing well, or is it reach max capacity on a regular basis?
Does the server need a more performant CPU?

How much memory is Tableau consuming? Does the machine need more memory.

Are their peak points of the day where the server uses more than normal machine
resources? Are there periods that use less resources? If so, you could save money
by reducing/increasing cloud resources dynamically during those periods.

When is the web server for Tableau seeing its most traffic?

How many failures are users encountering per hour on the web server?

Are there virtualizations that are used more often than expected and could be
exposed higher up on the dashboard?

17
 logentries.com

Conclusion
Tableau is all about leveraging data to support the organization in the decision making process.
This can be considered a crucial piece of a company’s ability to function. It is only natural then
that the tools to support it need to be monitored and acted upon when necessary. Logentries
is a strong partner for Tableau to ensure Tableau is there to support the organization when it is
needed. For your Tableau infrastructures, do not let adaptation be seen as indevciness; instead,
make your platform as robust and flexible as the technology allows. Give your customers access
to the data without having to worry about its structural integrity.

18
 logentries.com

Case Study: Pluralsight

Pluralsight uses Tableau and Logentries in a unique workflow showcasing the power both
platforms harness for organizing business data. Tableau is the primary source of data analysis
and aggregation crucial to their business. Logentries monitors the Tableau server to help
administrators keep Tableau as optimized and performant as possible. The integration between
the two platforms goes even farther. Using Logentries’ hooks for integration, Pluralsight can issue
immediate and automated feedback back to Tableau to keep it healthy.

Pluralsight offers a robust educational experience to its international subscriber base. Their course
library boasts over 5000 courses, all created by technological experts in their field. In addition to the
courses, there are skills checks, exercises, a mobile experience, offline access, and more.

The initial point of integration between Tableau and Logentries is for Tableau monitoring. With
a Powershell module and the Logentries REST API, Pluralsight sends Tableau’s log data into
Logentries. Log data for the underlying web services, currently running on an Apache Web Server,
are also collected and sent. The data is then parsed and inserted into Logentries. Administrators
can easily review and monitor Tableau performance statistics from within Logentries to provide
valuable insight into the organization’s Tableau usage.

The integration Pluralsight has created only starts at log data ingestion. Logentries also reacts to
incoming data that matches pre-configured triggers. Logentries automatically issues requests to
Tableau’s REST API to address situations that could be affecting performance in real-time. Real-
time reactions automatically keep Tableau in top performance shape without immediate human
intervention.

Pluralsight further enhances automated commands with Logentries’ third party tool integration.
Slack, a leading team messaging platform, is used to both notify administrators of situations and
to allow them to issue commands back to Tableau. The Slack integration is key to streamlining
Tableau administration. Slack integrates into Logentries, and Logentries in turn issues commands
to Tableau over a REST API.

19
 logentries.com

The full integration between all these products has yielded incredibly optimized
administrative capabilities. Pluralsight has been able to use this structure to perform a
wide variety of tasks, such as:

• Immediately recognizing security risks and, automatically, resolving them

• Preventing Tableau content permission drift (avoiding changes to structured permissions

which may have been left at default)

• Before newer Tableau versions, allowing users to automatically reset their password (via
Local authentication)

• Use Slack channel to allow users to refresh their extract (TWB or TDS)

• Pulling geographic data from Apache logs and analyzing Tableau content performance by region

• Real-time alerts on slow and non-performant content

• Real-time alerting on extract failures

• Custom Slack integration for extract failures (extract failure is sent as direct message

Pluralsight has truly unlocked the power of both tools to create a unique workflow. The system
integrations they have created has brought Logentries to a whole new level. Leveraging the many
integration points that Logentries provides has made their Tableau implementation even more
reactive and performant than many thought possible.

You can find additional detail on the A.I.M. stack that Pluralsight has created at:

• Logging from Tableau for Successful DataOps

• DataOps: How Pluralsight Uses Tableau & Logentries for Better Analytics

• Webinar Recap: Tableau Server Log Analytics

• Tableau Server Performance fun with Slack and Logentries

• Slack your Tableau Extract

• Slack your Tableau Extract – Part II

• Use the Logs: Tableau Server Log Analytics – Part 1

• Use the Logs: Tableau Server Log Analytics – Part 2

20
 logentries.com

Start your 30-Day Logentries

Free Trial Today.
Logentries seamlessly integrates with Tableau allowing you to quickly and easily aggregate,
visualize, and alert on your log data.

4 Unlimited log centralization 4 Real-time Alerts

4 Secure data transmission 4 Inactivity Alerts

4 Protection from log manipulation 4 Anomaly Detection

4 Easy search for known events & patterns 4 Data filtering & obfuscation

4 Full RegEx Support 4 Custom tagging of known events

4 Affordable plans 4 Custom retention policies

Figure: Customizable Dashboard view

Get started for free at logentries.com

21