unifying events logs into the cloud
play

Unifying Events & Logs into the Cloud Eduardo Silva August 17, - PowerPoint PPT Presentation

Dec 01, 2023 •918 likes •1.5k views

Unifying Events & Logs into the Cloud Eduardo Silva August 17, 2015 eduardo@treasuredata.com CloudOpen/LinuxCon, Seattle @ edsiper About Me Eduardo Silva Github & Twitter @edsiper Personal Blog

  1. Unifying Events & Logs into the Cloud Eduardo Silva August 17, 2015 eduardo@treasuredata.com CloudOpen/LinuxCon, Seattle @ edsiper

  2. About Me Eduardo Silva ● Github & Twitter @edsiper ● Personal Blog http://edsiper.linuxchile.cl Treasure Data ● Open Source Engineer ● Fluentd / Fluent Bit http://github.com/fmuent Projects ● Monkey HTTP Server http://monkey-project.com ● Duda I/O http://duda.io

  3. Logging

  4. Logging Matters Pros ● Application status ● Debugging ● General information about anomalies: errors ● Troubleshooting / Support ● Local or Remote (network)

  5. Logging Matters From a business point of view ● Input data Analytics → ● User interaction / behaviors ● Improvements

  6. Assumptions

  7. Logging Matters Assumptions ● I have enough disk space ● I/O operations will not block ● Log messages are human readable ● My logging mechanism scale

  8. Logging Matters Assumptions Basically, yeah.. it should work.

  9. Concerns

  10. Logging Matters Concerns ● Logs increase = data increase ● Message format get more complex ● Did the Kernel fmush the bufgers ? (sync(2)) ● Multi-thread application ?, locking ? ● M ultiple Applications = M ultiple Logs

  11. Logging Matters Concerns If M ultiple Applications = M ultiple logs M ultiple Hosts x M ultiple Applications = ???

  12. OK, so: 1. Logging matters 2. It's really benefjcial 3. but...

  13. It needs to be done right.

  14. Logging Common sources & inputs ● Application Logs ● Apache ● NginX ● Syslog (-ng) ● Custom applications / Languages ● C, Ruby, Python, PHP, Perl, NodeJS, Java, etc.

  15. In a galaxy not so far away...

  17. How to parse/store multiple data sources ? note: performance matters!

  19. Fluentd is an open source data collector It let's you unify the data collection for a better use and understanding of data.

  20. before

  21. after

  22. Fluentd Highlights ● High Performance ● Built-in Reliability ● Structured Logs ● Plug gable Architecture ● More than 300 plugins! (input/fjltering/output)

  23. Fluentd Architecture

  24. Fluentd Internals simplifjed

  25. Fluentd Input plugins

  26. Fluentd Output plugins

  27. Fluentd Buffer plugins

  28. Fluentd Buffer plugins

  30. M x N → M + N

  31. Fluentd Simple Forwarding

  32. Fluentd Simple Forwarding: confjguration # logs from a fjle # store logs to MongoDB <source> <match backend.*> type tail type mongo path /var/log/httpd.log database fmuent format apache2 collection test tag backend.apache </match> </source> # logs from client libraries <source> type forward port 24224 </source>

  33. Fluentd Less Simple Forwarding

  34. Fluentd Lambda Architecture

  35. Fluentd # logs from a fjle # store logs to MongoDB <source> <match *.*> type tail type copy path /var/log/httpd.log <store> format apache2 type elasticsearch tag backend.apache logstash_format true </source> </store> # logs from client libraries <store> <source> type webhdfs type forward host 192.x.y.z port 24224 port 50070 </source> path /path/to/hdfs </store> </match>

  36. Who uses Fluentd in production ?

  39. We collect 800k events per second !

  40. Internet of Things

  41. Internet of Things Facts ● IoT will grow to many billions of devices over the next decade. ● Now it's about device to device connectivity. ● Difgerent frameworks and protocols are emerging. ● It needs Logging .

  42. Internet of Things Alliances Vendors formed alliances to join forces and develop generic software layers for their products:

  43. Internet of Things Solutions provided Alliance Framework → →

  44. IoT & Big Data Analytics IoT requires a generic solution to collect events and data from difgerent sources for further analysis. Data can come from a specifjc framework, radio device, sensor or other. How do we collect and unify data properly ?

  45. @fluentbit

  46. Fluent Bit is an open source data collector It let's you collect data from IoT/Embedded devices and transport It to third party services.

  47. Fluent Bit Targets ● Services ● Sensors / Signals / Radios ● Operating System information ● Automotive / Telematics

  48. Fluent Bit Requirements IoT and Embedded environment requires special handling, specifjcally on performance and resource utilization: ● Lightweight ● Written in C Language ● Customizable, pluggable architecture ● Full integration with Fluentd

  49. Fluent Bit Integration

  50. Fluent Bit Direct Output

  51. Containers

  53. Docker Logging driver ● Docker v1.6 released the concept of logging drivers ● Route container output ● Fluentd ?

  54. Docker

  55. Docker v1.8 Fluentd Logging driver!

  56. We Love Data! ● http://fmuentd.org ● http://fmuentbit.io ● https://docs.docker.com/reference/logging/fmuentd/ ● http://github.com/fmuent/fmuentd Thank you!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Harvesting Logs and Events Using MetaCentrum Virtualization Services Radoslav Bod, Daniel

Harvesting Logs and Events Using MetaCentrum Virtualization Services Radoslav Bod, Daniel

Harvesting Logs and Events Using MetaCentrum Virtualization Services Radoslav Bod, Daniel Kouil CESNET EGI Community Forum, April 2013 Agenda Introduction Collecting logs Log Processing Advanced analysis Resume

601 views • 44 slides
Log all the things! Honza Krl @honzakral Logs? Events! Log lines Twitter feed Invoices

Log all the things! Honza Krl @honzakral Logs? Events! Log lines Twitter feed Invoices

Log all the things! Honza Krl @honzakral Logs? Events! Log lines Twitter feed Invoices Metrics Why? What happened last Tuesday? Grep? Multiple machines Multiple logs Analysis/Discovery Time period Time? Time?! Time! apache

592 views • 33 slides
Unifying Carrier and Cloud Networks: Problem Statement and Challenges

Unifying Carrier and Cloud Networks: Problem Statement and Challenges

Unifying Carrier and Cloud Networks: Problem Statement and Challenges draft-unify-nfvrg-challenges-02 Diego Daino (Telecom Italia) A. Csaszar (Ericsson) R. Szabo (Ericsson) K. Pentikousis (EICT) Z. Qiang (Ericsson) M. Kind (Deutsche Telekom

322 views • 9 slides
Logs on Logs on Logs No More Append Atomic &amp; Remap Eric Mackay Venkatesh Srinivas Basics

Logs on Logs on Logs No More Append Atomic &amp; Remap Eric Mackay Venkatesh Srinivas Basics

Logs on Logs on Logs No More Append Atomic &amp; Remap Eric Mackay Venkatesh Srinivas Basics of Block Device Interfaces I/O is done in granularity of blocks 512 bytes is pretty standard Writing is slooooooow Data is

898 views • 15 slides
Why are UI Logs Important? UI logs will help you identify Trends and Patterns that need to be

Why are UI Logs Important? UI logs will help you identify Trends and Patterns that need to be

2/17/2015 Unusual Incident Log Reviews January 23, 2015 Why are UI Logs Important? UI logs will help you identify Trends and Patterns that need to be addressed to ensure the Health and Welfare of those you serve. To ensure that sound

589 views • 24 slides
Unifying Heterogeneous Cray Unifying Heterogeneous Cray Resources and Systems into an

Unifying Heterogeneous Cray Unifying Heterogeneous Cray Resources and Systems into an

Unifying Heterogeneous Cray Unifying Heterogeneous Cray Resources and Systems into an Intelligent Single-scheduled Environment Scott Jackson Engineering Confidential and Proprietary Overview Introduction Heterogeneous Resources

690 views • 34 slides
Observed Low-level Cloud Morphology Associated with Tornadogenesis Events During the Southeastern

Observed Low-level Cloud Morphology Associated with Tornadogenesis Events During the Southeastern

Observed Low-level Cloud Morphology Associated with Tornadogenesis Events During the Southeastern United States Cool Season Christopher A. Lisauckis, Kevin R. Knupp University of Alabama in Huntsville Department of Atmospheric Science/SWIRLL I.

210 views • 20 slides
Unifying functional interpretations of nonstandard/uniform arithmetic Chuangjie Xu

Unifying functional interpretations of nonstandard/uniform arithmetic Chuangjie Xu

Introduction Herbrand Dialectica interpretation Unifying functional interpretations Discussion and summary Unifying functional interpretations of nonstandard/uniform arithmetic Chuangjie Xu Ludwig-Maximilians-Universit at M unchen

571 views • 18 slides
Unifying Notions of Feedback Sergey Goncharov FAU Tag der Informatik 2019, April 26 Unifying

Unifying Notions of Feedback Sergey Goncharov FAU Tag der Informatik 2019, April 26 Unifying

Unifying Notions of Feedback Sergey Goncharov FAU Tag der Informatik 2019, April 26 Unifying Notions of Feedback Sergey Goncharov FAU Tag der Informatik 2019, April 26 Outline Semantics of programs and specification frameworks is a rich

1.14k views • 49 slides
It Can Understand the Logs, Literally Aidi Pi , Wei Chen, Will Zeller and Xiaobo Zhou IPDPSW19

It Can Understand the Logs, Literally Aidi Pi , Wei Chen, Will Zeller and Xiaobo Zhou IPDPSW19

It Can Understand the Logs, Literally Aidi Pi , Wei Chen, Will Zeller and Xiaobo Zhou IPDPSW19 @ Rio de Janeiro Outline Introduction to distributed system logs Challenges NLog: A NLP based log analysis approach Evaluation

197 views • 18 slides
Unifying Mirror Symmetry Constructions David Favero favero@ualberta.ca University of Alberta

Unifying Mirror Symmetry Constructions David Favero favero@ualberta.ca University of Alberta

Unifying Mirror Symmetry Constructions Unifying Mirror Symmetry Constructions David Favero favero@ualberta.ca University of Alberta May 2016 Korean Institute for Advanced Study Slides available at: www.ualberta.ca/ favero Unifying Mirror

587 views • 41 slides
(Unifying?) rheology of soft glasses and jammed solids Ludovic Berthier Laboratoire Charles

(Unifying?) rheology of soft glasses and jammed solids Ludovic Berthier Laboratoire Charles

(Unifying?) rheology of soft glasses and jammed solids Ludovic Berthier Laboratoire Charles Coulomb Universit e de Montpellier 2 &amp; CNRS Unifying concepts in materials, JAKS 2012 Bangalore, February 7, 2012 title p.1 Coworkers

435 views • 26 slides
Unifying Logic, Dynamics and Probability: Founda9ons, Algorithms and Challenges Vaishak Belle

Unifying Logic, Dynamics and Probability: Founda9ons, Algorithms and Challenges Vaishak Belle

Unifying Logic, Dynamics and Probability: Founda9ons, Algorithms and Challenges Vaishak Belle University of Edinburgh 1 About this tutorial pages.vaishakbelle.com/logprob On unifying logic and probability Slides online at end of

639 views • 45 slides
Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come

Embracing Cloud Ian Apperley Agenda A little about me What is Cloud and where did it come from? Why Cloud? Cloud for small, medium, enterprise, and government Barriers to adoption Embracing Cloud Social Mobile Cloud

972 views • 45 slides
Mining Invariants from Logs for System Problem Detection Jian-Guang LOU, Qiang FU Software

Mining Invariants from Logs for System Problem Detection Jian-Guang LOU, Qiang FU Software

Mining Invariants from Logs for System Problem Detection Jian-Guang LOU, Qiang FU Software Analytics Microsoft Research Asia Background Many systems produce log messages for trouble-shooting. Logs usually record important system actions

706 views • 31 slides
Exponential and Logarithm Natural Logs and e Exponential Growth and Decay Functions Slide 3 /

Exponential and Logarithm Natural Logs and e Exponential Growth and Decay Functions Slide 3 /

Slide 1 / 99 Slide 2 / 99 Table of Contents Exponential Functions Logarithmic Functions Properties of Logs Common Logs Exponential and Logarithm Natural Logs and e Exponential Growth and Decay Functions Slide 3 / 99 Slide 4 / 99 We have

291 views • 17 slides
Introduction to Big-data Management Review and next steps 1 What We Covered Storage (HDFS)

Introduction to Big-data Management Review and next steps 1 What We Covered Storage (HDFS)

Introduction to Big-data Management Review and next steps 1 What We Covered Storage (HDFS) Query processing (MapReduce, RDD, Hyracks) Higher-level data flow engines (Pig, SparkSQL) Storage formats (row, column, Parquet, LSM indexing) Document

1.12k views • 33 slides
Image and Video Coding: Representation, Acquisition, Display ... 10011 ... encoder decoder

Image and Video Coding: Representation, Acquisition, Display ... 10011 ... encoder decoder

Image and Video Coding: Representation, Acquisition, Display ... 10011 ... encoder decoder Representation Formats Representation Formats ... 10011 ... encoder decoder representation format bitstream representation format Raw Data Formats

1.09k views • 43 slides
SHA-1 is a Shambles First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust

SHA-1 is a Shambles First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust

Introduction Record computation PGP/GPG Impersonation Conclusion SHA-1 is a Shambles First Chosen-Prefix Collision on SHA-1 and Application to the PGP Web of Trust Gatan Leurent Thomas Peyrin Inria, France NTU, Singapore Real World Crypto

1.29k views • 25 slides
Diving into Kotlin Multiplatform Dimitry Savvinov @dsavvinov October 14, 2020 Disclaimer A

Diving into Kotlin Multiplatform Dimitry Savvinov @dsavvinov October 14, 2020 Disclaimer A

Kotlin 1.4 Online Event Diving into Kotlin Multiplatform Dimitry Savvinov @dsavvinov October 14, 2020 Disclaimer A lot of internals ahead: Information is this talk might become outdated in the future The actual documentation is

1.19k views • 55 slides
Never Lose a Syslog Message Alexander Bluhm bluhm@openbsd.org September 24, 2017 Motivation

Never Lose a Syslog Message Alexander Bluhm bluhm@openbsd.org September 24, 2017 Motivation

Motivation Starting Position Local Improvements Remote Logging Conclusion Never Lose a Syslog Message Alexander Bluhm bluhm@openbsd.org September 24, 2017 Motivation Starting Position Local Improvements Remote Logging Conclusion Agenda

741 views • 34 slides
Design and Implementation of a Guard Installation and Administration Framework (GIAF) 15 March

Design and Implementation of a Guard Installation and Administration Framework (GIAF) 15 March

USJFCOM/J9/CE Design and Implementation of a Guard Installation and Administration Framework (GIAF) 15 March 2007 Doc Rev 1.0 Boyd Fletcher Chris Roberts USJFCOM J9 &amp; SPAWAR SC SD General Dynamics boyd.fletcher@je.jfcom.mil

339 views • 12 slides
Workflow Orchestration and Mining for Integrated Asset Management in Smart Oilfileds Presenter :

Workflow Orchestration and Mining for Integrated Asset Management in Smart Oilfileds Presenter :

Workflow Orchestration and Mining for Integrated Asset Management in Smart Oilfileds Presenter : Fan Sun Tao Zhu Yinglong Xia Muhammad Murtaza 1 of 25 Outline Introduction to CiSoft Overview of Integrated Asset Management (IAM)

723 views • 25 slides
Web Engineering 1. Architecture 2. Web Server Prof. Dr. Dr. h.c. mult. Gerhard Krger, Albrecht

Web Engineering 1. Architecture 2. Web Server Prof. Dr. Dr. h.c. mult. Gerhard Krger, Albrecht

Table of Content Web Engineering 1. Architecture 2. Web Server Prof. Dr. Dr. h.c. mult. Gerhard Krger, Albrecht Schmidt 3. Web Client Universitt Karlsruhe Fakultt fr Informatik 4. Performance and Efficiency Institut fr Telematik

531 views • 12 slides

More recommend