0

Consider a large multi-tier enterprise web application and many services with very complex functionality, mostly written in .NET (C#) on the server side and obviously html and javascript on the client, consisting of many hundred pages with the amount of service calls (actions) well in the thousands, hosted on multiple servers and developed over 15 years. Some parts are very new and modern, other parts are legacy.

Some parts of this application are obsolete and nobody actually uses those parts anymore. Whether these are whole unused sub-applications, unused pages, files, service calls, methods or even lines of code, doesn't matter. Older parts do not provide any usage statistics but do use dependency injection.

How can one automatically find out, based on access to production servers, which parts are unused, without changing the actual source code? So the question is not finding unreferenced / unreachable code. It's about finding parts that users don't actually use anymore.

One option could be looking at query logs. This discovers unused pages, but it is very difficult (a tedious manual process) to find out which parts in the background are used by those pages only.

Another option could probably be monitoring file access on servers. Does that make sense? Would that be feasible?

Yet another thought is doing something like test coverage tools do, but not during testing. Could coverage (something like lines of code executed) be measured in a live C#.NET application, assuming that debug symbols are available?

Gabor Lengyel
  • 14,129
  • 4
  • 32
  • 59
  • I think without proper logging or tracing this would not be possible. May be you can attach a profiler, but this will tell you only bottlenecks in performance and memory usage. – Jehof Nov 16 '16 at 12:01
  • There are various approaches, but a common one is similar to Application Insights in Azure where a developer explicitly collect usage data from the application and then analyze which functionalities are never used, https://azure.microsoft.com/en-us/services/application-insights/ – Lex Li Nov 16 '16 at 12:14

2 Answers2

1

You can use ReSharper. It will tell you such problems while you're coding.

However you can also detect problems afterwards. In the Menu you will find the entry "ReSharper > Inspect > Code Issues in Solution". It will create a report, there you will find it under "Redundancies in Code".

makzr
  • 355
  • 2
  • 7
  • Thank you, I meant something different, I will edit the question, sorry. I did not mean code never called at all, I meant parts of the application not catually used by users. So pretty much all of the code is referenced, it's just old and not used by people anymore. – Gabor Lengyel Nov 16 '16 at 11:53
1

It is hard to give an answer without really knowing the situation. However, I do not think there is some automatic or easy way. I do not know the best solution, but I can tell you what I would do. I would start with collecting all log files from the (IIS?) server (for at least a year, code could be used once a year) and analyze those. This should give you the best insight on which parts are called externally. You do have those logs?

Also check the eventlogs. Sometimes there are messages like 'Directory does not exist', which could mean that the service isn't working for years but nobody noticed. And check for redundant applications, perhaps applications are active on multiple servers.

Check inside tables with time indications and loginfo for recent entries.

Checking the dates on files and analyzing the database may provide additional information, but I don't think it will really help.

Make a list of all applications that you think are obsolete, based on user input or applications that should be obsolete.

Use your findings to create a list based on the probability that application /code is obsolete. Next steps, based on your list, could be:

  • remove redundant applications.
  • look for changes in the datamodel of filesystem and check if these still match with the code.
  • analyze the database for invalid queries. This could indicate that the datamodel has changed, causing the application to stop working. If nobody noticed then this application or functionality is obsolete.
  • add logging to the code where you have doubts.
  • look at application level and start with marking calls as obsolete, comment / removing unused code or redirect to (new) equivalent code.
  • turn off applications and monitor what happens. If there is a dependency then you can take action to remove this dependency or choose to let the application live.

Monitoring the impact of your actions will help you to sort things out. I hope this answer gives you some ideas.

-- UPDATE --

There may be logging available, but collecting, reading and interpreting may be hard and time consuming. To make it easier to monitor you could think of the following:

  • monitor database: you can use the profiler tool, but it may be easier to create a trigger that logs all CRUD operations with all the information you need. Create a program that can read the scheme of the database and filter the log by table, stored procedure, view to determine what isn't used. I didn't investigate, but perhaps you can monitor rollbacks and exceptions as well.

  • monitor IIS. There are off course the log files, but you can also think of adding a Module to the website where you can write custom code to monitor whatever you want. All traffic passes the module. Take a look here: https://www.iis.net/learn/develop/runtime-extensibility/developing-iis-modules-and-handlers-with-the-net-framework. If I am not mistaken all you have to do is add the module to the website and configure the website to use the module. Create a program to filter the log on url, status, ip, identification, etc. to determine what is used.

I think that is sufficient for first analysis. It then comes to interpreting the logs. Perhaps you'll see a way to combine the logs so you can link a request to certain database actions, without having to look in or change the code. Just some thoughts.

  • Thank you for taking the time and providing input, this is about what could be done manually, a definite upvote. :) I am trying to find out whether there is a way to automate as much of this as possible and what the best approach would be for potential automation, hoping to gather ideas to help with that aspect, but I'm afraid you are right, it cannot be done automatically. As I think it's not theoretically impossible though, automating this might as well be a product by itself. :) Given a production server process and environment along with debug symbols should allow for runtime analysis. – Gabor Lengyel Nov 16 '16 at 13:07
  • Perhaps I have some additional ideas. Are you using IIS and are there parts where Entity Framework is used? And do you need historical data or do you have time to monitor for some time? –  Nov 16 '16 at 13:47
  • IIS, yes. Some parts use EF. Let's suppose I have time to monitor for a year. – Gabor Lengyel Nov 16 '16 at 22:07
  • In addition you can create or find a tool to collect entries from the eventlogs of the servers which can give extra information. –  Nov 17 '16 at 10:30