Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz

•

1 gefällt mir•1,691 views

Nowadays cloud enviroments are primary platform for applications. We no longer have multipurpose machines, rather multiple smaller virtual servers with dedicated roles. Therefore there is a need to have one place where we can manage applications and system logs. I wish to share my experience gained while building centralized log managment system using Nxlog, Logstash and Kibana. With that tools we are building cost effective and scalable log managment platform. Dariusz Eliasz - Works in Allegro Group as a Solution Architect and is responsible for organizing cooperation with infrastructure teams, also leads some of the infrastructure projects. Earlier as an Expert System Administratorhe was related with building and maintaining the infrastructure shared services (i.e. image hosting platform) within Allegro Group.

Präsentationen & Vorträge Technologie

Centralized log management based on
Logstash and Kibana - case study
Dariusz Eliasz
20.05.2014 Atmosphere Conference

• What’s the problem ?
• Solutons
• Transport format
• Architecture
– Sender
– Log router
– Log collector
– Full text search engine
– GUI
• Use case
Agenda

Transport format - syslog
• RFC3164 (BSD syslog )
• limited size - 1kB
• format of a syslog message:
– PRIORITY (calculated from severity and facility)
– HEADER (tmestamp + hostname or IP)
– MSG (tag + content)
<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8

Transport format - json
• JavaScript Object Notaton
• lightweight text-data interchange format
• language independent
• self-describing

$Transport format - json { "LogType": "access_log", "Vhost": "atmosphere-conference.com", "HtpsOn": "false", "Xrealip": "1.2.3.5", "Clientp": "91.17.13.28", "UserAgent": "Mozilla/4.0 (compatble; MSIE 6.0; Windows NT 5.1)", }$

Sender
• nxlog (htp://nxlog-ce.sourceforge.net/)
• multple input types:
– tcp socket
– udp socket
– fle input
– unx socket
• multple parser types:
– bsd syslog
– json

Sender
Good practce:
• make as much as possible processing on sender site, eg: apache access logs in
json format
• automate confguraton management

Log router
nxlog
nxlog logstash
logstash
redis
redissyslog-ng
syslog-ng redis

$Log router ### JSON PARSER parser p_json { json-parser (prefx("_json.")); }; ### FILTERS flter f_someflter { ("${_json.SomeJsonField}” == ”abc.com”) }; ### INPUTS & OUTPUTS ### LOG PATHS log { source(s_network_json); destnaton(d_udp_logstash); destnaton(d_tcp_hadoop); #fags(fow-control); # disabled to separate destnatons };$

Log router
Good practce:
• good separaton of destnatons
• calculate enough redis size – it’s yor bufer
• batch events writes to redis

Log collector
• Logstash htp://logstash.net/
• collectng, parsing and storing logs tool
• plugins:
Inputs
• fle
• gelf
• tcp
• log4j
• redis
• varnishlog
Codecs
• json
• line
• msgpack
• netlow
• multline
Filters
• grok
• alter
• cidr
• geoip
• grep
• mutate
Outputs
• elastcsearch
• graphite
• jira
• tcp
• zeromq
• zabbix

Log collector
Good practce:
• keep up2date version of java & logstash
• use batch & multthread read from redis
• read logs 
• bulk writes to elastcsearch

Full text search engine
• Elastcsearch htp://www.elastcsearch.org/
• distributed, real-tme search and analytcs engine
• store documents as a JSON
• high availability
• schema free
• index mult-tenancy
• on top of Lucene

Full text search engine
• every index is replicated
• every index sharded
• index parttoning – tme based
• data retenton – tme based

Full text search engine
Good practce:
• half memory for ES (<30GB), half for system cache
• bootstrap.mlockall: true
• gateway.recover_afer_nodes
• indices.felddata.cache.size
• authorizaton via proxy
• curator
• Marvel plugin

GUI
• Kibana 3 htp://www.elastcsearch.org/overview/kibana/
• search, graph & analyze logs
• JavaScript based (AngularJS)
• only simple htp server needed

Sources
Images:
htp://www.datalife7.com/2014/01/einsteins-secret-to-problem-solving-and.html
htp://www.formengifs.com/victorinox-swiss-army-swiss-champ-multtool-knife/
htp://www.slashgear.com/google-data-center-hd-photos-hit-where-the-internet-lives-gallery-17252451/

Weitere ähnliche Inhalte

Was ist angesagt?

Fluentd and Distributed Logging at Kubecon

N Masahiro

Fluentd 101

SATOSHI TAGOMORI

Distributed Logging Architecture in Container Era

SATOSHI TAGOMORI

Log aggregation and analysis

Dhaval Mehta

Log forwarding at Scale

Eduardo Silva Pereira

Clojure News Feed Performance Testing

Dynamical Software, Inc.

Logging Application Behavior to MongoDB

Robert Stewart

This talk will cover the need of a centralized logging system, showcasing the architecture of the system. Also, I talk about how we ended up building this centralized logging system, What was the need for such a system, what problems we faced, how MongoDB fits into this and what others can learn from this. I also covered some how can we use mongoDB to make our logging system for realtime analytics and alerting system . The major use case of this system it to keeping track of meaningful events. This could be -: 1. How many users registered ? 2. How many registrations fails ? 3. Most occurred errors while doing something. 4. Realtime Analytics and Alerts 5. Identifying the possible threats.

Centralized logging system using mongoDB

Vivek Parihar

Fluentd Intro for OpenShift Commons Briefing

Eduardo Silva Pereira

Cloud Native Logging / Fluentd Summit Tokyo

Eduardo Silva Pereira

Sharding - patterns & antipatterns, Константин Осипов, Алексей Рыбак

Ontico

Logstash

Anton Pohorilyi

Centralised logging with ELK stack

Simon Hanmer

Event Driven Microservices

Fabrizio Fortino

Data Lessons Learned at Scale

Charlie Reverte

Javantura v3 - Logs – the missing gold mine – Franjo Žilić

HUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association

Storing your data in the cloud: doing right reversim 2018

Orit Wasserman

Toolchain Independent Distributed Compilation

Dietmar Hauser

I was presenting the new trends and possibilities for a decade in open source monitoring 3 years ago at OSMC. It's time now to see if we can make some monitoring without Nagios. We'll then explore: - Collectd, Diamond, Packetbeat, StatsD and Logstash for collecting metrics and events - Graphite, InfluxDB for storing time series data - Elasticsearch for storing events - Kibana and Grafana for dispaying and searching metrics and events. - Seyren and Cabot for notifications What is possible with such a solution? How does it work compared to Nagios…? Is it iso-functionnal, maybe better than a Nagios based solution? Is there any migration path from Nagios? We'll try to answer all theses questions and maybe more!

OSMC 2014: Time to say goodbye to your Nagios setup | Oliver Jan

NETWAYS

Bringing spatial love to your python application

Shekhar Gulati

Was ist angesagt? (20)

Fluentd and Distributed Logging at Kubecon

Fluentd 101

Distributed Logging Architecture in Container Era

Log aggregation and analysis

Log forwarding at Scale

Clojure News Feed Performance Testing

Logging Application Behavior to MongoDB

Centralized logging system using mongoDB

Fluentd Intro for OpenShift Commons Briefing

Cloud Native Logging / Fluentd Summit Tokyo

Sharding - patterns & antipatterns, Константин Осипов, Алексей Рыбак

Logstash

Centralised logging with ELK stack

Event Driven Microservices

Data Lessons Learned at Scale

Javantura v3 - Logs – the missing gold mine – Franjo Žilić

Storing your data in the cloud: doing right reversim 2018

Toolchain Independent Distributed Compilation

OSMC 2014: Time to say goodbye to your Nagios setup | Oliver Jan

Bringing spatial love to your python application

Andere mochten auch

After few years of node.js in operation we know it's very fast. We all heard stories about backend services running with the help of node.js and V8 core. But what we have learned about the security of such applications? What are the major threats here? I'll explain how to create node.js apps in a secure and reliable way. Also - I'll show how those could be scaled easily with (or without) help of Linux containers (Docker based) or jail - systems like Selinux Sandbox or libvirt sandbox. Maciej Lasyk - I've been working in IT Operations for the last 14 years. I've seen how infrastructures raised and failed, how great minds worked on scalability and kept the high pace of their platforms. I've been scaling and securing webapps since many years; within Ganymede company, now with Lumesse and Fedora Project. I'm Open Source contributor, enthusiast and evangelist. I also support security projects like OWASP. You can catch me on Twitter @docent_net and also see my work in github @docent-net and my personal blog.

Atmosphere 2014: Scaling and securing node.js apps - Maciej Lasyk

PROIDEA

Akamai runs a network of 150.000 servers distributed among 2.000 locations in 92 countries. It’s constantly outputting Terabits per second, accounting for between 15 and 30% of the Internet’s WWW traffic. Talk will cover the principles of operation of Akamai’s Inteligent Platform, aspects of monitoring and managing consistent configuration on such scale. Speaker will share interesting technical details and general ideas behind the scalability and performance of the Akamai network. Paweł Kuśmierski - Pawel Kusmierski is a Senior Engineer and Lead of Akamai’s System Operations in Krakow, Poland. He’s responsible for operational oversight of Internet Mapping and Distributed Storage systems. In the past he interned at Google’s Mountain View office as a Software Engineer. He lives with his wife and three year old son in Krakow. Occasionally he finds time to fly sailplanes and build electronic devices.

Atmosphere 2014: Helping the Internet to scale since 1998 - Paweł Kuśmierski

PROIDEA

If vendors need to expose serial interface to “modern” IP world, they often use ready-made solution like Lantronix. You can find different vendors to use these devices as part of different embedded systems – from alarms to legacy SCADA systems. If you find such devices on the Internet or LAN, the most imporant part is to check if 77FEh is enabled. We will cover already known stuff with 77FEh, but also new interesting findings in owning such devices. New tool to exploit all of this will be presented as well as counter-measures.

CONFidence 2014: Vlatko Kosturjak: Exploring treasures of 77FEh

PROIDEA

Nowadays, everyone knows about the great importance of SAP systems and the critical data processed by them. Large companies install SAP Security Notes regularly so as not to repeat the mistake of Nvidia. One bug is not enough anymore to get access to all corporate SAP systems. Pentesters frequently find themselves in a situation where the OS of an SAP server has been compromised successfully, but they have not got an access to the ERP system. In addition, it is rather common to have an unprivileged account, which give them access to the encrypted password, but not to the whole system. Sometimes they even try to break into other systems with help of the passwords, which users usually use in the systems they’ve already broken, but they can’t, because they need them to be decrypted first. Where do we find the treasured password to access the financial transactions and revenues of NASDAQ monsters? Where and how does SAP store user passwords? Are all passwords stored as hashes, or can attackers find passwords in plaintext? This talk reviews the many places where SAP stores critical credentials, such as usernames and passwords, and, which is more interesting, the way it stores them. Methods of retrieving them will be described, and decryption utilities will be presented. SAP GUI shortcuts, RFC connections, SAP Security Storage, logs, traces, Database links, SAP HANA Storage, you name it – all varieties of SAP modules will be discussed in this talk.

CONFidence 2014: Dimitriy Chastuhin: All your sap p@$$w0яd z belong to us

PROIDEA

TOWARDS THE FASTEST (J)VM ON THE PLANET! When designing new language, one usually starts with an AST interpreter. When the language is ready for use, users find out it is great, but slow. So one starts to design a bytecode to speed things up. That may help a bit, but usually the result is clear: still the execution is slow. Truffle project offers you a different perspective: write your AST interpreter using Truffle nodes API and we make it fast! In addition to that we also give you tooling for free! As a proof we'll demonstrate that our implementation of Ruby is ten times faster than any other one, including indy based JRuby. Stop by for a short introduction how to be create the fastest execution environment for any language!

JDD2015: Towards the Fastest (J)VM on the Planet! - Jaroslav Tulach

PROIDEA

In my topic I’ll share my experience in analysis of most popular open and vendor’s specific proprietary industrial protocols. For each protocol I will present packet structure, real examples, (in)secure features and possible hacks. At the end of the topic I’ll share my practial approach, methodology and useful scripts. During the presentation we will talk about: Well-known protocols: Profinet, Modbus, DNP3 IEC 61850-8-1 (MMS) IEC 61870-5-101/104 FTE (Fault Tolerant Ethernet) Siemens S7

CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...

PROIDEA

Atmosphere 2014: RE:SPONSIBILITY - Matt Harasymczuk

PROIDEA

MIGRATING TO CONTINUOUS DELIVERY IN THE WORLD OF FINANCIAL TRADING IG Group is a global leader in online retail trading. It has over 120,000 active users around the world, and serves over 4.5 million trades per month. IG has had an online presence since the early 2000s and has grown sizeable IT real estate to support its many users and activities. Like many large companies, IG has depended on monthly big bang release cycles with long regression periods to guarantee the quality and reliability of its software. In 2013 IG started to move towards a continuous delivery model. This allowed us to break away from an ever-increasing monthly software release, and to enable higher quality and stability by releasing small change sets into production more frequently. In the world of financial trading, uptime and reliability are carefully monitored by financial regulators around the globe. In this talk, we look at the approaches and techniques IG have used to move to a continuous delivery model. Their API layer serves upwards of 40k requests per minute and is connected to numerous web, mobile, and public API clients. We will explore the technical and organisational challenges faced along the way, as well as some of the unexpected benefits.

JDD2015: Migrating to continuous delivery in the world of financial trading -...

PROIDEA

RATPACK: CORE OF YOUR MICRO-SERVICES Ratpack reached version 1.0 in 2015. It’s a light-weight framework with a lot of potential. It has a good team and years for coding behind it, but still remains very straight-forward, easy to use, deploy, extend and at the same time it's very efficient and performing. Its core is non-blocking and implements reactive approaches for handling high-load with little resources. It has all you need for your micro-services.

JDD2015: Ratpack: core of your micro-services - Andrey Adamovich

PROIDEA

Yes... I've heard about Spock ;-) and most likely dozens of other testing frameworks which were created after JUnit started to exist. JUnit is old, it's sometimes a bit grumpy, nevertheless it is stil very concise and lightweight library. It is enough to spend 10 minutes with JUnit documentation to understand the basic elements of test, how to write an assertion and how to launch your first test. In a day to day job there are several other JUnit features which might be very handy, there are also a few curosities worth to mention. In this presentation I will try to cover most of them including: parameterized tests, theories (org.junit.experimental.theories), rules (@Rule) and common matchers. As was already said JUnit is not a newbie in a testing framework world, over the years several additional libraries were added, I will show you a few interesting once, including randomized testing, benchmarking and REST interactions testing. This presentation was developed with the support of Poznań JUG, Tricity JUG and Szczecin JUG who were hosting this lecture in the past. Discussion which we had during and after the meetings was a great aid and influenced heavily current content of this presentation. Adam Dudczak - Adam Dudczak (@maneo), software engineer in Allegro group, working with Java (and JUnit) since 2004. Currently member of Allegro search team working on a better search experience in Allegro.pl. One of the leaders of Poznań JUG (www.jug.poznan.pl) and co-organizer of GeeCON conference (geecon.org). Father and husband, occasionally blogs at dudczak.info/dry.

Atmosphere 2014: JUnit: beyond the basics - Adam Dudczak

PROIDEA

TRUDNE ROZMOWY Sytuacji, w których pojawiają się emocje, nie da się uniknąć. Ważniejsze jest to, co w takiej sytuacji zrobimy. Zazwyczaj instynktownie stajemy się agresywni, aby obronić to, co jest dla nas ważne albo unikamy konfrontacji, żeby nie pogorszyć sytuacji. Bardzo rzadko tego typu reakcje dają pozytywny efekt. Potrzebna jest inna droga. W czasie spotkania omówimy i przećwiczymy podejście, dzięki któremu: - będzie bardziej jasne czego my chcemy w danej sytuacji - będzie bardziej jasne czego chce druga strona - będziemy używać języka, który nie wzbudza dodatkowych emocji - będziemy mogli łatwiej zinterpretować swoje emocje i emocje innych - będziemy wiedzieć, w jaki sposób postawić granice nie atakując innych. Jeśli odnajdujesz w tym coś ważnego dla siebie, przyjdź. A jeśli po prostu chciałbyś się dowiedzieć o co chodzi, to też przyjdź.

JDD2015: Trudne Rozmowy [WORKSHOP] - Mariusz Sieraczkiewicz

PROIDEA

DON’T PANIC – HITCHHIKER’S GUIDE TO THE JVM MONITORING Zdarzają się chwile, w których nawet najlepiej napisany system czy aplikacja odmawiają posłuszeństwa. Jak radzić sobie w kryzysowych sytuacjach? W jakie narzędzia się uzbroić? W prezentacji przedstawię przegląd narzędzi służących do monitorowania różnych aspektów działania wirtualnej maszyny Java wraz z praktycznymi przykładami ich wykorzystania. Agenda: 1. Analiza miejsc stwarzających największe problemy w aplikacjach 2. Przegląd dostępnych narzędzi do wykrywania problemów 3. Demonstracja wykorzystania niektórych z narzędzi na przykładach 4. Podsumowanie w postaci dobrych rad

JDD2015: Don’t Panic – Hitchhiker’s guide to the JVM monitoring - Wojciech Oc...

PROIDEA

DDD W PRAKTYCE, CZYLI JAK WDRAŻAMY I UCZYMY SIĘ DDD W ALLEGRO DDD nie jest frameworkiem czy też metodologią, jest raczej zbiorem zdroworozsądkowych wzorców i narzędzi, które każdy może komponować według uznania i potrzeb. Chociaż jest już z nami od ponad 10 lat, ciągle uczymy się jak najlepiej je wykorzystać, tak aby z jednej strony wnieść wartość do codziennej pracy, a z drugiej nie wpadać w formalizmy i teoretyczne dyskusje. Przeprowadzając transformację monolitycznej platformy Allegro zastosowaliśmy wzorce DDD jako jedno z głównych narzędzi i stało się naszym chlebem powszednim. W prezentacji opowiem co ze skrzynki narzędziowej DDD użyliśmy i z jakim skutkiem. Dowiecie się jak sami uczyliśmy się DDD i jak sprzedawaliśmy tę wiedzę w organizacji. Wreszcie opowiem wam czego sam nauczyłem się o DDD, szczególnie jak zmieniało się moje zrozumienie Projektowania Strategicznego i jak uczyłem się stosować DDD w świecie mikrousługowym.

JDD2015: DDD w praktyce, czyli jak wdrażamy i uczymy się DDD w Allegro - Krzy...

PROIDEA

PLNOG15 :Contagious SDN - consequences of dealing with it, Paweł Korzec

PROIDEA

PLNOG15: Internet of things and modern M2M solutions. New market for new serv...

PROIDEA

PLNOG15: IP services architecture with TDM quality in MPLS/IP networks - Mare...

PROIDEA

Adam Obszyński – works at Infoblox as Regional Sales Engineer responsible for CEE. Previously, he worked at Cisco and in few integrators and at ISP in the country. Adam has many years’ experience in designing and in implementation of network solutions. He has been in the industry for 17 years. He is the holder of CISSP and CCIE #8557 certificates. Adam is also the speaker at many conferences in the country and abroad (such as Cisco Live U.S. & EU, Cisco Forum, Cisco Expo, PLNOG). Topic of Presentation: DNSSEC – Cryptography in the service of the secure DNS Language: Polish Abstract: Keyword DNSSEC on Google returns over 2.5 million results. Probably everyone heard term DNSSEC. I will try to systematize information about DNSSEC protocol. I’ll talk about DNSSEC impact on DNS services – from SP and customer perspective. Why is it not used in Poland? Why world uses it? The session should include a mix of theory and practices used today on the Internet. Do You maintain DNS? You are invited then. You will learn how to protect Your data in the DNS system. You can also increase security of your customers :-) Do You use DNS? You are invited too. Learn what you should ask your ISP for. Same for providers, banks and gov. Institutions. No marketing. Just the facts.

PLNOG 13: Adam Obszyński: DNSSEC – Cryptography in the service of the secure DNS

PROIDEA

JDD2014: TIMTOWTDI and JAVA - Grzegorz Rożniecki

PROIDEA

Overview of SIANI Activities in 2014

SIANI

THORNY PATH TO DATA MINING PROJECTS Java is often criticized for hard parsing CSV datasets, poor matrix and vectors manipulations. This makes it hard to easy and efficiently implement certain types of machine learning algorithms. In many cases data scientists choose R or Python languages for modeling and problem solution and you as a Java developer should rewrite R algorithms in Java or integrate many small Python scripts in Java application. But why so many Highload tools like Cassandra, Hadoop, Giraph, Spark are written in Java or executed on JVM? What is the secret of successful implementation and running? Maybe we should forget old manufacturing approach when we separate developers from research engineers in production projects? During the report, we will discuss typical Data Mining tasks, advantages and disadvantages of Hadoop ecosystem, battle between Spark and Hadoop for a place under the Sun, difference between popular Machine Learning tools and libraries. Attendees of my talk will become more familiar with different abbreviations and buzz words and also will get useful tips about self-education way in this area.

JDD2015: Thorny path to Data Mining projects - Alexey Zinoviev

PROIDEA

Andere mochten auch (20)

Atmosphere 2014: Scaling and securing node.js apps - Maciej Lasyk

Atmosphere 2014: Helping the Internet to scale since 1998 - Paweł Kuśmierski

CONFidence 2014: Vlatko Kosturjak: Exploring treasures of 77FEh

CONFidence 2014: Dimitriy Chastuhin: All your sap p@$$w0яd z belong to us

JDD2015: Towards the Fastest (J)VM on the Planet! - Jaroslav Tulach

CONFidence 2014: Alexander Timorin: SCADA deep inside: protocols and security...

Atmosphere 2014: RE:SPONSIBILITY - Matt Harasymczuk

JDD2015: Migrating to continuous delivery in the world of financial trading -...

JDD2015: Ratpack: core of your micro-services - Andrey Adamovich

Atmosphere 2014: JUnit: beyond the basics - Adam Dudczak

JDD2015: Trudne Rozmowy [WORKSHOP] - Mariusz Sieraczkiewicz

JDD2015: Don’t Panic – Hitchhiker’s guide to the JVM monitoring - Wojciech Oc...

JDD2015: DDD w praktyce, czyli jak wdrażamy i uczymy się DDD w Allegro - Krzy...

PLNOG15 :Contagious SDN - consequences of dealing with it, Paweł Korzec

PLNOG15: Internet of things and modern M2M solutions. New market for new serv...

PLNOG15: IP services architecture with TDM quality in MPLS/IP networks - Mare...

PLNOG 13: Adam Obszyński: DNSSEC – Cryptography in the service of the secure DNS

JDD2014: TIMTOWTDI and JAVA - Grzegorz Rożniecki

Overview of SIANI Activities in 2014

JDD2015: Thorny path to Data Mining projects - Alexey Zinoviev

Ähnlich wie Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz

Don’t turn your logs into cuneiform

Andrey Rebrov

Distributed Logging Architecture in the Container Era

Glenn Davis

Logstash

Rajgourav Jain

Elastic Stack ELK, Beats, and Cloud

Joe Ryan

Docker and Fluentd

N Masahiro

In this talk, I will talk about why log files are horrible, logging log lines, and more structured performance metrics from large scale production applications as well as building reliable, scaleable and flexible large scale software systems in multiple languages. Why (almost) all log formats are horrible will be explained, and why JSON is a good solution for logging will be discussed, along with a number of message queuing, middleware and network transport technologies, including STOMP, AMQP and ZeroMQ. The Message::Passing framework will be introduced, along with the logstash.net project which the perl code is interoperable with. These are pluggable frameworks in ruby/java/jruby and perl with pre-written sets of inputs, filters and outputs for many many different systems, message formats and transports. They were initially designed to be aggregators and filters of data for logging. However they are flexible enough to be used as part of your messaging middleware, or even as a replacement for centralised message queuing systems. You can have your cake and eat it too - an architecture which is flexible, extensible, scaleable and distributed. Build discrete, loosely coupled components which just pass messages to each other easily. Integrate and interoperate with your existing code and code bases easily, consume from or publish to any existing message queue, logging or performance metrics system you have installed. Simple examples using common input and output classes will be demonstrated using the framework, as will easily adding your own custom filters. A number of common messaging middleware patterns will be shown to be trivial to implement. Some higher level use-cases will also be explored, demonstrating log indexing in ElasticSearch and how to build a responsive platform API using webhooks. Interoperability is also an important goal for messaging middleware. The logstash.net project will be highlighted and we'll discuss crossing the single language barrier, allowing us to have full integration between java, ruby and perl components, and to easily write bindings into libraries we want to reuse in any of those languages.

Messaging, interoperability and log aggregation - a new framework

Tomas Doran

Open Source Logging and Metric Tools

Phase2

Stream processing applications built on Apache Apex run on Hadoop clusters and typically power analytics use cases where availability, flexible scaling, high throughput, low latency and correctness are essential. These applications consume data from a variety of sources, including streaming sources like Apache Kafka, Kinesis or JMS, file based sources or databases. Processing results often need to be stored in external systems (sinks) for downstream consumers (pub-sub messaging, real-time visualization, Hive and other SQL databases etc.). Apex has the Malhar library with a wide range of connectors and other operators that are readily available to build applications. We will cover key characteristics like partitioning and processing guarantees, generic building blocks for new operators (write-ahead-log, incremental state saving, windowing etc.) and APIs for application specification.

Apache Big Data EU 2016: Building Streaming Applications with Apache Apex

Apache Apex

Rich Viet, Principal Engineer at Cloud Elements presents 'Scalable Logging and Analytics with LogStash' at All Things API meetup in Denver, CO. Learn more about scalable logging and analytics using LogStash. This will be an overview of logstash components, including getting started, indexing, storing and getting information from logs. Logstash is a tool for managing events and logs. You can use it to collect logs, parse them, and store them for later use (like, for searching).

'Scalable Logging and Analytics with LogStash'

Cloud Elements

Search onhadoopsfhug081413

gregchanan

Logstash

琛琳饶

Cloud Foundry Monitoring How-To: Collecting Metrics and Logs

Altoros

Log management with ELK

Geert Pante

Rpc framework

july mon

ELK stack at weibo.com

琛琳饶

Elk presentation 2#3

uzzal basak

(Fios#02) 2. elk 포렌식 분석

INSIGHT FORENSIC

#Pharo Days 2016 Data Formats and Protocols

Philippe Back

Parquet Hadoop Summit 2013

Julien Le Dem

Logs aggregation and analysis

Divante

Ähnlich wie Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz (20)

Don’t turn your logs into cuneiform

Distributed Logging Architecture in the Container Era

Logstash

Elastic Stack ELK, Beats, and Cloud

Docker and Fluentd

Messaging, interoperability and log aggregation - a new framework

Open Source Logging and Metric Tools

Apache Big Data EU 2016: Building Streaming Applications with Apache Apex

'Scalable Logging and Analytics with LogStash'

Search onhadoopsfhug081413

Logstash

Cloud Foundry Monitoring How-To: Collecting Metrics and Logs

Log management with ELK

Rpc framework

ELK stack at weibo.com

Elk presentation 2#3

(Fios#02) 2. elk 포렌식 분석

#Pharo Days 2016 Data Formats and Protocols

Parquet Hadoop Summit 2013

Logs aggregation and analysis

Kürzlich hochgeladen

in kuwait௹+918133066128....) @abortion pills for sale in Kuwait City

Abortion pills in Kuwait Cytotec pills in Kuwait

• For a full set of 390+ questions. Go to https://skillcertpro.com/product/aws-data-engineer-associate-dea-c01-exam-questions/ • SkillCertPro offers detailed explanations to each question which helps to understand the concepts better. • It is recommended to score above 85% in SkillCertPro exams before attempting a real exam. • SkillCertPro updates exam questions every 2 weeks. • You will get life time access and life time free updates • SkillCertPro assures 100% pass guarantee in first attempt.

AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf

SkillCertProExams

Despite remarkable successes in various domains such as robotics and games, Reinforcement Learning (RL) still struggles with exploration inefficiency. For example, in hard Atari games, state-of-the-art agents often require billions of trial actions, equivalent to years of practice, while a moderately skilled human player can achieve the same score in just a few hours of play. This contrast emerges from the difference in exploration strategies between humans, leveraging memory, intuition and experience, and current RL agents, primarily relying on random trials and errors. This tutorial reviews recent advances in enhancing RL exploration efficiency through intrinsic motivation or curiosity, allowing agents to navigate environments without external rewards. Unlike previous surveys, we analyze intrinsic motivation through a memory-centric perspective, drawing parallels between human and agent curiosity, and providing a memory-driven taxonomy of intrinsic motivation approaches. The talk consists of three main parts. Part A provides a brief introduction to RL basics, delves into the historical context of the explore-exploit dilemma, and raises the challenge of exploration inefficiency. In Part B, we present a taxonomy of self-motivated agents leveraging deliberate, RAM-like, and replay memory models to compute surprise, novelty, and goal, respectively. Part C explores advanced topics, presenting recent methods using language models and causality for exploration. Whenever possible, case studies and hands-on coding demonstrations. will be presented.

Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity

Hung Le

Report Writing Webinar Training

KylaCullinane

Proofreading: Basics to Artificial Intelligence Integration. Become a Professional Proofreader and Editor Leveraging Human Expertise and Artificial Intelligence (AI) Technology and Tools. Table of Contents MODULE 1: INTRODUCTION TO PROOFREADING What is proofreading, and how is it different from editing? The importance of proofreading in publishing and communication Types of materials that require proofreading (books, articles, websites, legal documents, etc.) Proofreading marks and symbols MODULE 2: DEVELOPING PROOFREADING SKILLS MODULE 3: PROOFREADING TECHNIQUES Preparing for the proofreading process (setting up the workspace, tools, etc.) Reading techniques (line-by-line, word-by-word, backwards reading) Using proofreading checklists and guidelines Cross-checking against style guides and reference materials Marking up corrections and queries MODULE 4: PROOFREADING DIFFERENT TYPES OF CONTENT Proofreading fiction and non-fiction books Fiction Books: Non-Fiction Books: Proofreading academic and scientific papers Proofreading legal and business documents Proofreading websites and digital content Proofreading marketing and advertising materials MODULE 5: PROOFREADING TOOLS AND RESOURCES MODULE 6: PROOFREADING WORKFLOWS AND BEST PRACTICES MODULE 7: BUILDING A SUCCESSFUL PROOFREADING CAREER MODULE 8: AI TEXT EDITING AND PROOFREADING Benefits and limitations of AI in this field Benefits of AI in Proofreading: Limitations of AI in Proofreading: Examples of AI-powered text editing and proofreading tools Combining AI with Human Expertise AI Ethics and Bias in Text Editing Future Trends and Developments in AI Text Editing This cutting-edge course equips you with the essential skills and tools to become a proofreading pro in the age of AI technology. Designed for writers, editors, content creators, and anyone seeking to elevate their proofreading game, this masterclass combines time-tested proofreading techniques with the latest AI-powered text editing solutions. Through in-depth modules, you will master the art of proofreading, from developing razor-sharp attention to detail to mastering grammar, punctuation, and style guidelines. This masterclass also dives deep into the world of AI text editing. You’ll discover how AI-powered tools can aid in grammar and style checking, context-aware spell checking, consistency management, content optimization, and more. You will learn to seamlessly integrate AI tools into your proofreading workflows, combining the best of human expertise and AI technology for unparalleled results. Finally, this course will help you discover how to harness the power of AI to streamline your proofreading workflows, enhance accuracy, and deliver impeccable content every time, thanks to advanced proofreading techniques, such as line-by-line reading, backward reading, and cross-checking against reference materials, ensuring no error goes unnoticed.

Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...

David Celestin

lONG QUESTION ANSWER PAKISTAN STUDIES10.

lodhisaajjda

BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES

futhumetsaneliswa

Dreaming Marissa Sánchez Music Video Treatment

nswingard

History of Morena Moshoeshoe birth death

phntsoaki

SOLID WASTE MANAGEMENT SYSTEM OF FENI PAURASHAVA, BANGLADESH.pdf

Mahamudul Hasan

Klinik_ Apotek Onlin 085657271886 Solusi Menggugurkan Masalah Kehamilan Anda Jual Obat Aborsi Di Jakarta. KLINIK ABORSI TERPEECAYA _ Jual Obat Aborsi Cytotec Misoprostol Asli 100% Ampuh Hanya 3 Jam Langsung Gugur || OBAT PENGGUGUR KANDUNGAN AMPUH MANJUR OBAT ABORSI OLINE" APOTIK Jual Obat Cytotec, Gastrul, Gynecoside Asli Ampuh. JUAL ” Obat Aborsi Tuntas | Obat Aborsi Manjur | Obat Aborsi Ampuh | Obat Penggugur Janin | Obat Pencegah Kehamilan | Obat Pelancar Haid | Obat terlambat Bulan | Ciri Obat Aborsi Asli | Obat Telat Bulan | Pil Aborsi Asli | Cara Menggugurkan Konten | Cara Aborsi Tuntas | Harga Obat Aborsi Asli | Pil Aborsi | Jual Obat Aborsi Cytotec | Cara Aborsi Sendiri | Cara Aborsi Usia 1 Bulan | Cara Aborsi Usia 2 Tahun | Cara Aborsi Usia 3 Bulan | Obat Aborsi Usia 4 Bulan | Cara Abrasi Usia 5 Bulan | Cara Menggugurkan Konten | Kandungan Obat Penggugur | Cara Menghitung Usia Konten | Cara Mengatasi Terlambat Bulan | Penjual Obat Aborsi Asli | Obat Aborsi Garansi | Kandungan Obat Peluntur | Obat Telat Datang Bulan | Obat Telat Haid | Obat Aborsi Paling Murah | Klinik Jual Obat Aborsi | Jual Pil Cytotec | Apotik Jual Obat Aborsi | Kandungan Dokter Abrasi | Cara Aborsi Cepat | Jual Obat Aborsi Bergaransi | Jual Obat Cytotec Asli | Obat Aborsi Aman Manjur | Obat Misoprostol Cytotec Asli. "APA ITU ABORSI" “Aborsi Adalah dengan membendung hormon yang di perlukan untuk mempertahankan kehamilan yaitu hormon progesteron, karena hormon ini dibendung, maka jalur kehamilan mulai membuka dan leher rahim menjadi melunak,sehingga mengeluarkan darah yang merupakan tanda bahwa obat telah bekerja || maksimal 1 jam obat diminum || PENJELASAN OBAT ABORSI USIA 1 _7 BULAN Pada usia kandungan ini, pasien akan merasakan sakit yang sedikit tidak berlebihan || sekitar 1 jam ||. namun hanya akan terjadi pada saatdarah keluar merupakan pertanda menstruasi. Hal ini dikarenakan pada usiakandungan 3 bulan,janin sudah terbentuk sebesar kepalan tangan orang dewasa. Cara kerja obat aborsi : JUAL OBAT ABORSI AMPUH dosis 3 bulan secara umum sama dengan cara kerja || DOSIS OBAT ABORSI 2 bulan”, hanya berbedanya selain mengisolasijanin juga menghancurkan janin dengan formula methotrexate dikandungdidalamnya. Formula methotrexate ini sangat ampuh untuk menghancurkan janinmenjadi serpihan-serpihan kecil akan sangat berguna pada saat dikeluarkan nanti. APA ALASAN WANITA MELAKUKAN ABORSI? Aborsi di lakukan wanita hamil baik yang sudah menikah maupun belum menikah dengan berbagai alasan , akan tetapi alasan yang utama adalah alasan-alasan non medis (termasuk aborsi sendiri / di sengaja/ buatan] MELAYANI PEMESANAN OBAT ABORSI SETIAP HARI, SIAP KIRIM KESELURUH KOTA BESAR DI INDONESIA DAN LUAR NEGERI. HUBUNGI PEMESANAN LEBIH NYAMAN VIA WA/: 085657271886

Jual obat aborsi Jakarta 085657271886 Cytote pil telat bulan penggugur kandun...

ZurliaSoop

call Now VIP Female Most Attractive Independent Call Girls Service In All Mumbai That Can Make Every Moment You Spend With Me Full Of Pleasure ★ SAFE AND SECURE HIGH CLASS SERVICE AFFORDABLE RATE SATISFACTION,UNLIMITED ENJOYMENT. ★ All Meetings are confidential and no information is provided to any one at any cost. ★ EXCLUSIVE PROFILes Are Safe and Consensual with Most Limits Respected ★ Service Available In: - HOME & HOTEL Star Hotel Service .In Call & Out call SeRvIcEs : ★ A-Level (star escort) ★ Strip-tease ★ BBBJ (Bareback Blowjob)Receive advanced sexual techniques in different mode make their life more pleasurable. ★ Spending time in hotel rooms ★ BJ (Blowjob Without a Condom) ★ Completion (Oral to completion) ★ Covered (Covered blowjob Without condom SAFE AND SECURE WhatsApp Call Number

Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai

Priya Reddy

Lions New Portal from Narsimha Raju Dichpally 320D.pptx

lionnarsimharajumjf

Introduction to Artificial intelligence.

thamaeteboho94

BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx

thusosetemere

LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN

tntlai16

I had the honour of presenting my reflections on the autobiography of Professor Isaac Folorunso Adewole, titled "Uncommon Grace." As someone deeply invested in documentation and history, I found Professor Adewole's decision to narrate his journey from humble beginnings to occupying one of the highest offices in the land both inspiring and invaluable. In this eloquently written memoir, Professor Adewole provides a comprehensive account of his life, from his ancestral roots to his time as Minister of Health in Nigeria. The unique aspect of this autobiography is that he portrayed himself authentically without taking the help of third-party narratives, which is often seen in accounts of high-ranking officials. His upbringing was greatly influenced by his father's commitment to education. He became a prominent figure in advocating for the rights of the underprivileged through trade unionism. His story is one of unwavering determination, resilience, and faith. His experiences, including both successes and struggles, provide priceless lessons on leadership, perseverance, and the alignment of personal values with public service. While reading "Uncommon Grace," I was struck by the deep leadership lessons that are embedded within its chapters. Professor Adewole stresses the importance of inclusivity, servant leadership, and planning, which are all highly relevant in today's complex world. His commitment to accountability, as well as his primary responsibility as a researcher, serves as a guiding light for aspiring leaders across various disciplines. During his tenure as the Vice Chancellor of the University of Ibadan, he led with visionary leadership and transformative impact. His accomplishments have been meticulously documented in the book, which can serve as a blueprint for rejuvenating institutions and promoting academic excellence. In the latter part of his autobiography, Professor Adewole shares his experiences as a Minister, detailing the challenges he faced while serving the public with integrity and courage. His reflections on the complexities of public service, coupled with his commitment to the well-being of the nation, offer practical insights for policymakers and citizens alike. I have carefully read "Uncommon Grace" and it is more than just a memoir. It is a timeless book that is hard to put down once you start reading. While intellectuals may continue to debate whether uncommon grace was made possible by uncommon preparation or the other way around, I applaud Professor Adewole for sharing his ideas, knowledge, and experience with the public. I highly recommend this book to everyone.

Uncommon Grace The Autobiography of Isaac Folorunso

Kayode Fayemi

Dreaming Music Video Treatment _ Project & Portfolio III

NhPhngng3

Zone Chairperson Role and Responsibilities New updated.pptx

lionnarsimharajumjf

He said to them, “Go into all the world and preach the gospel to all creation. Whoever believes and is baptized will be saved, but whoever does not believe will be condemned. And these signs will accompany those who believe: In my name they will drive out demons; they will speak in new tongues; they will pick up snakes with their hands; and when they drink deadly poison, it will not hurt them at all; they will place their hands on sick people, and they will get well.” After the Lord Jesus had spoken to them, he was taken up into heaven and he sat at the right hand of God. Then the disciples went out and preached everywhere, and the Lord worked with them and confirmed his word by the signs that accompanied it. Mark 16:15-20

Ready Set Go Children Sermon about Mark 16:15-20

rejz122017

Kürzlich hochgeladen (20)

in kuwait௹+918133066128....) @abortion pills for sale in Kuwait City

AWS Data Engineer Associate (DEA-C01) Exam Dumps 2024.pdf

Unlocking Exploration: Self-Motivated Agents Thrive on Memory-Driven Curiosity

Report Writing Webinar Training

Proofreading- Basics to Artificial Intelligence Integration - Presentation:Sl...

lONG QUESTION ANSWER PAKISTAN STUDIES10.

BIG DEVELOPMENTS IN LESOTHO(DAMS & MINES

Dreaming Marissa Sánchez Music Video Treatment

History of Morena Moshoeshoe birth death

SOLID WASTE MANAGEMENT SYSTEM OF FENI PAURASHAVA, BANGLADESH.pdf

Jual obat aborsi Jakarta 085657271886 Cytote pil telat bulan penggugur kandun...

Call Girls Near The Byke Suraj Plaza Mumbai »¡¡ 07506202331¡¡« R.K. Mumbai

Lions New Portal from Narsimha Raju Dichpally 320D.pptx

Introduction to Artificial intelligence.

BEAUTIFUL PLACES TO VISIT IN LESOTHO.pptx

LITTLE ABOUT LESOTHO FROM THE TIME MOSHOESHOE THE FIRST WAS BORN

Uncommon Grace The Autobiography of Isaac Folorunso

Dreaming Music Video Treatment _ Project & Portfolio III

Zone Chairperson Role and Responsibilities New updated.pptx

Ready Set Go Children Sermon about Mark 16:15-20

Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz

1. Centralized log management based on Logstash and Kibana - case study Dariusz Eliasz 20.05.2014 Atmosphere Conference

2. • What’s the problem ? • Solutons • Transport format • Architecture – Sender – Log router – Log collector – Full text search engine – GUI • Use case Agenda

3. What’s the problem ??

6. Solutons ??

10.

11. Transport format - syslog • RFC3164 (BSD syslog ) • limited size - 1kB • format of a syslog message: – PRIORITY (calculated from severity and facility) – HEADER (tmestamp + hostname or IP) – MSG (tag + content) <34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8

12. Transport format - json • JavaScript Object Notaton • lightweight text-data interchange format • language independent • self-describing

13. Transport format - json { "LogType": "access_log", "Vhost": "atmosphere-conference.com", "HtpsOn": "false", "Xrealip": "1.2.3.5", "Clientp": "91.17.13.28", "UserAgent": "Mozilla/4.0 (compatble; MSIE 6.0; Windows NT 5.1)", }

14. Architecture

15. Sender

16. Sender • nxlog (htp://nxlog-ce.sourceforge.net/) • multple input types: – tcp socket – udp socket – fle input – unx socket • multple parser types: – bsd syslog – json

17. Sender Good practce: • make as much as possible processing on sender site, eg: apache access logs in json format • automate confguraton management

18. Log router

19. Log router nxlog nxlog logstash logstash redis redissyslog-ng syslog-ng redis

20. Log router ### JSON PARSER parser p_json { json-parser (prefx("_json.")); }; ### FILTERS flter f_someflter { ("${_json.SomeJsonField}” == ”abc.com”) }; ### INPUTS & OUTPUTS ### LOG PATHS log { source(s_network_json); destnaton(d_udp_logstash); destnaton(d_tcp_hadoop); #fags(fow-control); # disabled to separate destnatons };

21. Log router Good practce: • good separaton of destnatons • calculate enough redis size – it’s yor bufer • batch events writes to redis

22. Log collector

23. Log collector • Logstash htp://logstash.net/ • collectng, parsing and storing logs tool • plugins: Inputs • fle • gelf • tcp • log4j • redis • varnishlog Codecs • json • line • msgpack • netlow • multline Filters • grok • alter • cidr • geoip • grep • mutate Outputs • elastcsearch • graphite • jira • tcp • zeromq • zabbix

24. Log collector Good practce: • keep up2date version of java & logstash • use batch & multthread read from redis • read logs  • bulk writes to elastcsearch

25. Full text search engine • Elastcsearch htp://www.elastcsearch.org/ • distributed, real-tme search and analytcs engine • store documents as a JSON • high availability • schema free • index mult-tenancy • on top of Lucene

26. Full text search engine • every index is replicated • every index sharded • index parttoning – tme based • data retenton – tme based

27. Full text search engine Good practce: • half memory for ES (<30GB), half for system cache • bootstrap.mlockall: true • gateway.recover_afer_nodes • indices.felddata.cache.size • authorizaton via proxy • curator • Marvel plugin

28. GUI • Kibana 3 htp://www.elastcsearch.org/overview/kibana/ • search, graph & analyze logs • JavaScript based (AngularJS) • only simple htp server needed

29.

30. Q&A

31. Sources Images: htp://www.datalife7.com/2014/01/einsteins-secret-to-problem-solving-and.html htp://www.formengifs.com/victorinox-swiss-army-swiss-champ-multtool-knife/ htp://www.slashgear.com/google-data-center-hd-photos-hit-where-the-internet-lives-gallery-17252451/

Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (20)

Ähnlich wie Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz

Ähnlich wie Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Atmosphere 2014: Centralized log management based on Logstash and Kibana - case study - Dariusz Eliasz