日志、监控与告警体系建设
2025/9/7大约 10 分钟
日志、监控与告警体系建设
在现代软件系统中,可观测性(Observability)已成为保障系统稳定性和可维护性的核心要素。对于测试平台而言,建立完善的日志、监控与告警体系不仅是系统运维的基础,更是持续改进和优化平台性能的重要手段。一个良好的可观测性体系能够帮助我们快速定位问题、预防故障发生,并为平台的演进提供数据支撑。
可观测性的核心价值
问题快速定位
当系统出现异常时,完善的日志和监控体系能够帮助我们:
- 快速识别问题根源:通过日志追踪和指标分析,快速定位问题发生的具体位置
- 缩短故障恢复时间:减少MTTR(Mean Time To Recovery),提高系统可用性
- 降低排查成本:避免盲目排查,提高问题定位效率
系统性能优化
通过持续的监控和数据分析,我们可以:
- 识别性能瓶颈:发现系统中的性能热点和资源瓶颈
- 优化资源配置:根据实际使用情况调整资源分配
- 预测容量需求:基于历史数据预测未来的资源需求
业务价值洞察
可观测性体系还能帮助我们:
- 了解用户行为:通过用户操作日志分析用户使用习惯
- 评估功能效果:通过指标变化评估新功能的业务价值
- 驱动产品决策:基于数据洞察指导产品演进方向
日志体系建设
日志架构设计
一个完善的日志体系应该包含以下几个层次:
- 日志采集层:负责从各个服务中收集日志数据
- 日志传输层:负责将日志数据安全可靠地传输到存储系统
- 日志存储层:负责日志数据的持久化存储和索引
- 日志分析层:负责日志数据的查询、分析和可视化
日志采集策略
@Component
public class LogCollector {
private static final Logger logger = LoggerFactory.getLogger(LogCollector.class);
// 应用日志采集
public void collectApplicationLogs() {
// 配置Logback或Log4j2
LoggerContext context = (LoggerContext) LoggerFactory.getILoggerFactory();
// 设置日志级别
Logger rootLogger = context.getLogger(Logger.ROOT_LOGGER_NAME);
rootLogger.setLevel(Level.INFO);
// 配置日志输出格式
PatternLayoutEncoder encoder = new PatternLayoutEncoder();
encoder.setContext(context);
encoder.setPattern("%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n");
encoder.start();
// 配置日志文件输出
RollingFileAppender<ILoggingEvent> fileAppender = new RollingFileAppender<>();
fileAppender.setContext(context);
fileAppender.setName("FILE");
fileAppender.setFile("logs/application.log");
// 配置滚动策略
SizeAndTimeBasedRollingPolicy<ILoggingEvent> rollingPolicy = new SizeAndTimeBasedRollingPolicy<>();
rollingPolicy.setContext(context);
rollingPolicy.setParent(fileAppender);
rollingPolicy.setFileNamePattern("logs/application.%d{yyyy-MM-dd}.%i.log");
rollingPolicy.setMaxFileSize(FileSize.valueOf("100MB"));
rollingPolicy.setTotalSizeCap(FileSize.valueOf("10GB"));
rollingPolicy.setMaxHistory(30);
rollingPolicy.start();
fileAppender.setRollingPolicy(rollingPolicy);
fileAppender.setEncoder(encoder);
fileAppender.start();
rootLogger.addAppender(fileAppender);
}
// 结构化日志记录
public void logStructuredEvent(String eventType, Map<String, Object> eventData) {
StructuredLogEvent event = StructuredLogEvent.builder()
.timestamp(Instant.now())
.eventType(eventType)
.eventData(eventData)
.traceId(MDC.get("traceId"))
.userId(MDC.get("userId"))
.sessionId(MDC.get("sessionId"))
.build();
logger.info("{}", JsonUtils.toJson(event));
}
}日志格式标准化
{
"timestamp": "2025-09-07T10:30:45.123Z",
"level": "INFO",
"service": "test-platform-api",
"traceId": "abc123def456",
"spanId": "789ghi012",
"thread": "http-nio-8080-exec-1",
"logger": "com.testplatform.service.TestCaseService",
"message": "Test case executed successfully",
"context": {
"testCaseId": "TC-001",
"executionTime": 1250,
"result": "PASSED"
},
"tags": {
"environment": "production",
"version": "1.2.3"
}
}日志存储与查询
@Service
public class LogStorageService {
@Autowired
private ElasticsearchTemplate elasticsearchTemplate;
public void storeLog(LogEntry logEntry) {
// 构建索引名称(按天分片)
String indexName = "test-platform-logs-" + LocalDate.now().format(DateTimeFormatter.BASIC_ISO_DATE);
// 存储日志
IndexQuery indexQuery = new IndexQueryBuilder()
.withIndex(indexName)
.withObject(logEntry)
.build();
elasticsearchTemplate.index(indexQuery);
}
public List<LogEntry> searchLogs(LogSearchCriteria criteria) {
// 构建查询条件
BoolQueryBuilder queryBuilder = QueryBuilders.boolQuery();
// 时间范围查询
if (criteria.getStartTime() != null && criteria.getEndTime() != null) {
queryBuilder.must(QueryBuilders.rangeQuery("timestamp")
.gte(criteria.getStartTime())
.lte(criteria.getEndTime()));
}
// 服务名称查询
if (StringUtils.isNotBlank(criteria.getServiceName())) {
queryBuilder.must(QueryBuilders.termQuery("service", criteria.getServiceName()));
}
// 日志级别查询
if (criteria.getLogLevel() != null) {
queryBuilder.must(QueryBuilders.termQuery("level", criteria.getLogLevel().name()));
}
// 关键词查询
if (StringUtils.isNotBlank(criteria.getKeyword())) {
queryBuilder.must(QueryBuilders.matchQuery("message", criteria.getKeyword()));
}
// 执行查询
SearchQuery searchQuery = new NativeSearchQueryBuilder()
.withQuery(queryBuilder)
.withPageable(PageRequest.of(criteria.getPage(), criteria.getSize()))
.withSort(SortBuilders.fieldSort("timestamp").order(SortOrder.DESC))
.build();
return elasticsearchTemplate.queryForList(searchQuery, LogEntry.class);
}
}监控体系建设
监控指标设计
监控指标应该覆盖系统的各个方面:
- 基础设施指标:CPU、内存、磁盘、网络等
- 应用性能指标:响应时间、吞吐量、错误率等
- 业务指标:用户活跃度、功能使用率、转化率等
- 平台运营指标:任务执行成功率、资源利用率等
自定义指标收集
@Component
public class CustomMetricsCollector {
private final MeterRegistry meterRegistry;
// 计数器指标
private final Counter testCaseExecutionCounter;
private final Counter testFailureCounter;
// 计时器指标
private final Timer testCaseExecutionTimer;
// 直方图指标
private final DistributionSummary testCaseDurationSummary;
// Gauge指标
private final AtomicInteger activeTestSessions;
public CustomMetricsCollector(MeterRegistry meterRegistry) {
this.meterRegistry = meterRegistry;
// 初始化计数器
this.testCaseExecutionCounter = Counter.builder("test.case.executions")
.description("测试用例执行次数")
.tag("service", "test-platform")
.register(meterRegistry);
this.testFailureCounter = Counter.builder("test.case.failures")
.description("测试用例失败次数")
.tag("service", "test-platform")
.register(meterRegistry);
// 初始化计时器
this.testCaseExecutionTimer = Timer.builder("test.case.execution.time")
.description("测试用例执行时间")
.tag("service", "test-platform")
.register(meterRegistry);
// 初始化直方图
this.testCaseDurationSummary = DistributionSummary.builder("test.case.duration")
.description("测试用例执行时长分布")
.tag("service", "test-platform")
.register(meterRegistry);
// 初始化Gauge
this.activeTestSessions = new AtomicInteger(0);
Gauge.builder("test.active.sessions")
.description("活跃测试会话数")
.tag("service", "test-platform")
.register(meterRegistry, activeTestSessions, AtomicInteger::get);
}
public void recordTestCaseExecution(String testCaseType, long durationMs, boolean success) {
// 记录执行次数
testCaseExecutionCounter.increment(Tag.of("type", testCaseType));
// 记录执行时间
testCaseExecutionTimer.record(durationMs, TimeUnit.MILLISECONDS,
Tag.of("type", testCaseType));
// 记录时长分布
testCaseDurationSummary.record(durationMs);
// 记录失败情况
if (!success) {
testFailureCounter.increment(Tag.of("type", testCaseType));
}
}
public void incrementActiveSessions() {
activeTestSessions.incrementAndGet();
}
public void decrementActiveSessions() {
activeTestSessions.decrementAndGet();
}
}JVM监控集成
@Configuration
public class JvmMonitoringConfig {
@Bean
public TimedAspect timedAspect(MeterRegistry registry) {
return new TimedAspect(registry);
}
@Bean
public MeterBinder jvmThreadMetrics() {
return new JvmThreadMetrics();
}
@Bean
public MeterBinder jvmMemoryMetrics() {
return new JvmMemoryMetrics();
}
@Bean
public MeterBinder jvmGcMetrics() {
return new JvmGcMetrics();
}
@Bean
public MeterBinder classLoaderMetrics() {
return new ClassLoaderMetrics();
}
@Bean
public MeterBinder uptimeMetrics() {
return new UptimeMetrics();
}
}数据库监控
@Component
public class DatabaseMonitoringAspect {
private final MeterRegistry meterRegistry;
private final Timer dbQueryTimer;
private final Counter dbErrorCounter;
public DatabaseMonitoringAspect(MeterRegistry meterRegistry) {
this.meterRegistry = meterRegistry;
this.dbQueryTimer = Timer.builder("database.query.duration")
.description("数据库查询耗时")
.register(meterRegistry);
this.dbErrorCounter = Counter.builder("database.query.errors")
.description("数据库查询错误次数")
.register(meterRegistry);
}
@Around("@annotation(MonitorDBQuery)")
public Object monitorDatabaseQuery(ProceedingJoinPoint joinPoint) throws Throwable {
Timer.Sample sample = Timer.start(meterRegistry);
try {
Object result = joinPoint.proceed();
sample.stop(dbQueryTimer);
return result;
} catch (Exception e) {
dbErrorCounter.increment();
sample.stop(Timer.builder("database.query.duration")
.tag("result", "error")
.register(meterRegistry));
throw e;
}
}
}
@Retention(RetentionPolicy.RUNTIME)
@Target(ElementType.METHOD)
public @interface MonitorDBQuery {
}告警体系建设
告警策略设计
告警策略应该遵循以下原则:
- 及时性:在问题发生时尽快通知相关人员
- 准确性:避免误报和漏报
- 可操作性:告警信息应该包含足够的上下文和处理建议
- 分级管理:根据问题严重程度设置不同的告警级别
告警规则配置
# Prometheus告警规则示例
groups:
- name: test-platform-alerts
rules:
- alert: HighErrorRate
expr: rate(test_case_failures_total[5m]) / rate(test_case_executions_total[5m]) > 0.05
for: 2m
labels:
severity: warning
annotations:
summary: "测试用例错误率过高"
description: "过去5分钟测试用例错误率超过5%,当前值为 {{ $value }}"
- alert: HighLatency
expr: histogram_quantile(0.95, sum(rate(test_case_execution_time_seconds_bucket[5m])) by (le)) > 10
for: 2m
labels:
severity: critical
annotations:
summary: "测试执行延迟过高"
description: "95%的测试用例执行时间超过10秒,当前值为 {{ $value }} 秒"
- alert: LowResourceAvailability
expr: test_active_sessions / test_max_sessions > 0.8
for: 5m
labels:
severity: warning
annotations:
summary: "测试资源紧张"
description: "活跃测试会话数占最大会话数的比例超过80%,当前值为 {{ $value }}"告警处理机制
@Service
public class AlertHandlingService {
@Autowired
private NotificationService notificationService;
@Autowired
private IncidentManagementService incidentManagementService;
public void handleAlert(AlertEvent alertEvent) {
// 记录告警事件
logAlertEvent(alertEvent);
// 根据告警级别处理
switch (alertEvent.getSeverity()) {
case CRITICAL:
handleCriticalAlert(alertEvent);
break;
case WARNING:
handleWarningAlert(alertEvent);
break;
case INFO:
handleInfoAlert(alertEvent);
break;
}
// 创建或更新事件单
createOrUpdateIncident(alertEvent);
}
private void handleCriticalAlert(AlertEvent alertEvent) {
// 立即通知值班人员
notificationService.sendCriticalAlert(alertEvent);
// 触发自动恢复机制
triggerAutoRecovery(alertEvent);
// 创建紧急事件单
incidentManagementService.createCriticalIncident(alertEvent);
}
private void handleWarningAlert(AlertEvent alertEvent) {
// 通知相关团队
notificationService.sendWarningAlert(alertEvent);
// 记录到问题跟踪系统
issueTrackingService.createIssue(alertEvent);
}
private void handleInfoAlert(AlertEvent alertEvent) {
// 记录到日志系统
log.info("Received info alert: {}", alertEvent.getMessage());
}
private void triggerAutoRecovery(AlertEvent alertEvent) {
switch (alertEvent.getAlertType()) {
case HIGH_ERROR_RATE:
// 重启相关服务
serviceManagementService.restartService(alertEvent.getServiceName());
break;
case LOW_RESOURCE_AVAILABILITY:
// 扩容资源
resourceManagementService.scaleUp(alertEvent.getServiceName());
break;
}
}
}告警通知渠道
@Service
public class NotificationService {
public void sendCriticalAlert(AlertEvent alertEvent) {
// 发送电话通知
sendPhoneCall(alertEvent);
// 发送短信通知
sendSMS(alertEvent);
// 发送邮件通知
sendEmail(alertEvent);
// 发送即时通讯通知
sendIMMessage(alertEvent);
}
public void sendWarningAlert(AlertEvent alertEvent) {
// 发送邮件通知
sendEmail(alertEvent);
// 发送即时通讯通知
sendIMMessage(alertEvent);
}
private void sendPhoneCall(AlertEvent alertEvent) {
PhoneCallRequest request = PhoneCallRequest.builder()
.to(getOnCallEngineerPhone())
.message(buildAlertMessage(alertEvent))
.priority(PhoneCallPriority.HIGH)
.build();
phoneCallService.makeCall(request);
}
private void sendSMS(AlertEvent alertEvent) {
SMSRequest request = SMSRequest.builder()
.to(getOnCallEngineerPhone())
.message(buildAlertMessage(alertEvent))
.build();
smsService.sendSMS(request);
}
private void sendEmail(AlertEvent alertEvent) {
EmailRequest request = EmailRequest.builder()
.to(getRelevantTeamEmails(alertEvent))
.subject(buildAlertSubject(alertEvent))
.body(buildAlertEmailBody(alertEvent))
.priority(alertEvent.getSeverity() == AlertSeverity.CRITICAL ?
EmailPriority.HIGH : EmailPriority.NORMAL)
.build();
emailService.sendEmail(request);
}
private void sendIMMessage(AlertEvent alertEvent) {
IMMessageRequest request = IMMessageRequest.builder()
.channels(getRelevantIMChannels(alertEvent))
.message(buildAlertIMMessage(alertEvent))
.build();
imService.sendMessage(request);
}
}可视化监控面板
Grafana仪表板设计
{
"dashboard": {
"title": "测试平台监控面板",
"panels": [
{
"title": "测试执行概览",
"type": "graph",
"targets": [
{
"expr": "rate(test_case_executions_total[5m])",
"legendFormat": "执行速率"
},
{
"expr": "rate(test_case_failures_total[5m])",
"legendFormat": "失败速率"
}
]
},
{
"title": "测试执行延迟",
"type": "heatmap",
"targets": [
{
"expr": "test_case_execution_time_seconds_bucket",
"format": "heatmap"
}
]
},
{
"title": "资源使用情况",
"type": "singlestat",
"targets": [
{
"expr": "test_active_sessions / test_max_sessions * 100",
"legendFormat": "资源使用率"
}
]
}
]
}
}自定义监控页面
@Controller
@RequestMapping("/monitoring")
public class MonitoringDashboardController {
@Autowired
private MetricsService metricsService;
@GetMapping("/dashboard")
public String getDashboard(Model model) {
// 获取关键指标
DashboardMetrics metrics = metricsService.getDashboardMetrics();
model.addAttribute("metrics", metrics);
model.addAttribute("refreshInterval", 30); // 30秒刷新一次
return "monitoring/dashboard";
}
@GetMapping("/api/metrics")
@ResponseBody
public DashboardMetrics getMetrics() {
return metricsService.getDashboardMetrics();
}
@GetMapping("/alerts")
public String getAlerts(Model model) {
List<AlertEvent> recentAlerts = alertService.getRecentAlerts(Duration.ofHours(24));
model.addAttribute("alerts", recentAlerts);
return "monitoring/alerts";
}
}监控数据存储与分析
时序数据库选型
对于监控数据的存储,时序数据库是最佳选择:
- Prometheus:适用于指标数据存储和查询
- InfluxDB:支持高写入吞吐量和复杂查询
- TimescaleDB:基于PostgreSQL的时序数据库扩展
数据保留策略
# Prometheus数据保留配置
prometheus:
storage:
tsdb:
retention.time: 30d # 保留30天数据
retention.size: 50GB # 保留50GB数据
# Elasticsearch日志保留配置
elasticsearch:
indices:
lifecycle:
policy:
test-platform-logs:
phases:
hot:
actions:
rollover:
max_age: "7d"
max_size: "50gb"
delete:
min_age: "30d"
actions:
delete: {}异常检测算法
@Service
public class AnomalyDetectionService {
public boolean isAnomalous(MetricData metricData) {
// 使用统计学方法检测异常
return detectUsingStatisticalMethod(metricData) ||
detectUsingMachineLearningMethod(metricData);
}
private boolean detectUsingStatisticalMethod(MetricData metricData) {
// 3σ原则检测
double mean = metricData.getHistoricalMean();
double stdDev = metricData.getHistoricalStdDev();
double currentValue = metricData.getCurrentValue();
return Math.abs(currentValue - mean) > 3 * stdDev;
}
private boolean detectUsingMachineLearningMethod(MetricData metricData) {
// 使用孤立森林算法检测异常
IsolationForestModel model = loadModel(metricData.getMetricName());
double anomalyScore = model.predict(metricData.getValues());
return anomalyScore > ANOMALY_THRESHOLD;
}
}最佳实践与经验总结
监控覆盖度评估
@Service
public class MonitoringCoverageService {
public MonitoringCoverageReport generateCoverageReport() {
// 统计已监控的服务数量
int monitoredServices = countMonitoredServices();
// 统计总服务数量
int totalServices = countTotalServices();
// 统计已配置告警的指标数量
int alertingMetrics = countAlertingMetrics();
// 统计总关键指标数量
int totalCriticalMetrics = countCriticalMetrics();
return MonitoringCoverageReport.builder()
.serviceCoverage((double) monitoredServices / totalServices)
.metricCoverage((double) alertingMetrics / totalCriticalMetrics)
.recommendations(generateCoverageRecommendations())
.build();
}
}性能优化建议
- 采样策略:对于高频指标,采用合理的采样策略减少存储压力
- 索引优化:为常用查询字段建立合适的索引
- 数据压缩:启用数据压缩减少存储空间占用
- 缓存机制:对热点数据使用缓存提高查询性能
安全与权限控制
@Component
public class MonitoringAccessControl {
public boolean canViewMetrics(String userId, String serviceName) {
// 检查用户权限
if (!userService.hasRole(userId, "MONITORING_VIEWER")) {
return false;
}
// 检查服务访问权限
return userService.canAccessService(userId, serviceName);
}
public boolean canConfigureAlerts(String userId, String serviceName) {
// 检查用户权限
if (!userService.hasRole(userId, "MONITORING_ADMIN")) {
return false;
}
// 检查服务管理权限
return userService.canManageService(userId, serviceName);
}
}总结
日志、监控与告警体系建设是测试平台可运维性的基础。通过建立完善的可观测性体系,我们能够:
- 提升系统稳定性:通过实时监控和告警,及时发现并处理问题
- 优化系统性能:通过数据分析和趋势预测,持续优化系统性能
- 降低运维成本:通过自动化监控和告警处理,减少人工干预
- 支撑业务决策:通过数据洞察,为业务决策提供有力支撑
在实施过程中,需要注意以下关键点:
- 分层设计:按照业务重要性分层设计监控策略
- 适度监控:避免过度监控带来的性能开销
- 持续优化:根据实际使用情况持续优化监控策略
- 团队协作:建立跨团队的监控和告警处理机制
通过持续完善日志、监控与告警体系,测试平台能够更好地支撑业务发展,为用户提供稳定可靠的服务。