One of the benefits of using a real time logging platform like Logentries is that it can be used to track your user sessions. Online retailers, for example, can utilize the client side logging aspect of our platform to garner valuable information, such as where customers are spending their time on their site, what product or products are highest in popularity, and where users are having issues on the site. Security gurus can use real time user tracking to respond to incidents in their environment, tracking users from firewall access all the way through to a breach on their corporate network.
Below are some of our top tips that you should keep in mind when thinking about setting up real time user session tracking. These tips used with our best practices for structured logging will get you up and running in no time.
Use unique identifiers in your logs to allow you to track particular user sessions or system transactions. Unique identifiers can be instrumental in narrowing down the large amount of log data into a manageable subset e.g. to track all activity from a given user. Such unique identifiers could be:
- User ID (email address, login name, social security number, etc.)
- Transaction ID (web session ID, SQL transaction ID, etc.)
- Account ID (company name, company billing code, etc)
Without unique identifiers it can be very difficult to piece together a given system transaction or related system events.
Logentries provides client side libraries for the following platforms:
These client side libraries can be utilized in your code base to track end user activity and log directly from the client device or user’s browser to Logentries. Thus they can be used to track specific user actions within a web or mobile app such as:
12:43.21 12/03/14 – client=Android userID=12345678 action=’clicked-like-button’ actionRecipientID=12322333 responseTime=134 serverResponse=200 device=’HTC One’ `` ## Add a valuable payload Add pertinent information to the payload of the log entry. This can provide additional context that can provide additional insights as to what the user is doing and also can allow you to get some visibility into the users experience in your app. For instance, when setting up logging for a web server that is used for e-commerce, the following values can be useful to add to your payload: * Response Time: how long the server took to respond to the user’s request * Transaction Value: how much was the transaction worth, in the case of a purchase for example * User Context: where did the user come from (e.g., Google) or what else had the user clicked on before purchasing This type of information can be used to get a fuller picture of user base and user transactions across your site. Naturally if there is information that is more relevant for your use case you can add that too. ## How to track user sessions Tracking user sessions is easy in Logentries as specific functions and tools have been added to perform this task. By adding unique identifiers to your logging structures (e.g., UserID, AccountID, TransactionID) it is possible to track a specific user or transaction across multiple logs. This capability comes in handy in two locations within Logentries: * Live Tail: Using Live Tail view of a log you can troubleshoot a user session in real time. This gives you the capability to assist the user with issues, track important information, and see instantaneously what a user is doing. And when we say real time we mean seconds not minutes. * Aggregate View – By selecting multiple logs across your environment you can track a user’s steps through your environment all the way from their client devices, through your web and application servers and all the way to your backend database. For example if you have a transactionID or userID logged by your different components you can perform a search in the aggregated view to follow a transaction from beginning to end. * GroupBy: Using our GroupBy function, you can obtain an aggregate view of the most common system functions that all users have been carrying out. A great way to do this is to group log events by user actions to get a break down of what the most common user behavior is and how this breaks down over the past 5 mins, hour, day or week for example. Using the payload information above along with unique identifiers, it’s now possible to get a list of your top users or accounts across your entire site. Using the following search will give you the top purchasing accounts within your system.
where(purchase-action) groupby(Account) calculate(count)
You can also click on the graphs tab on that page to get a higher level view of all your actions over time.