Presentation is loading. Please wait.

Presentation is loading. Please wait.

Combining Metrics and Logs for Holistic System/Application Analysis

Published byMyles Neal Modified over 6 years ago

Similar presentations

Presentation on theme: "Combining Metrics and Logs for Holistic System/Application Analysis"— Presentation transcript:

1

2 Combining Metrics and Logs for Holistic System/Application Analysis
Sharath Kumar M N Elasticsearch Solutions Architect, Peoplesoft Oracle May 10, 2017 Confidential – Oracle Internal/Restricted/Highly Restricted

3 Metrics :- A metric is a quantifiable measure that is used to track and assess the status of a specific process Confidential – Oracle Internal/Restricted/Highly Restricted

4 Logs:- record of incidents or observations
Confidential – Oracle Internal/Restricted/Highly Restricted

5 Need For Holistic Analysis
Confidential – Oracle Internal/Restricted/Highly Restricted

6 Metrics [01/Nov/2016:21:01: ] "apache" cpu 30 [01/Nov/2016:21:01: ] " apache" cpu 35 [01/Nov/2016:21:01: ] "apache" cpu 32 Logs [01/Nov/2016:21:01: ] "GET /cluster HTTP/1.1" [01/Nov/2016:21:01: ] "GET /cpc/auth.do?loginsetup=true&targetPage=%2Fcpc%2F HTTP/1.1" [01/Nov/2016:21:01: ] "GET /cpc?loginsetup=true&targetPage=%252Fcpc%252F HTTP/1.1" 302 - Confidential – Oracle Internal/Restricted/Highly Restricted Confidential – Oracle Internal/Restricted/Highly Restricted Confidential – Oracle Internal/Restricted/Highly Restricted 6 6

7 Application Metrics + Logs
Confidential – Oracle Internal/Restricted/Highly Restricted

8 Architecture Collect/Ship Data Datastore, Search, analytics engine
Visualize Edge Nodes Queue Parse/ Enrich Data Confidential – Oracle Internal/Restricted/Highly Restricted

9 Filebeat Lightweight Shipper for Logs Tail files
Ensure At-Least-Once Delivery Extensions: Modules Filebeat comes with internal modules (Apache, Nginx, System, and MySQL)  Filebeat consists of two main components: prospectors and harvesters.They work together to tail files and send event data to the output that you specify. A harvester is responsible for reading the content of a single file. The harvester reads each file, line by line, and sends the content to the output. A prospector is responsible for managing the harvesters and finding all sources to read find all files on the drive that match the defined glob paths and starts a harvester for each file Filebeat keeps the state of each file and frequently flushes the state to disk in the registry file. Confidential – Oracle Internal/Restricted/Highly Restricted

10 Config file (.yml) Confidential – Oracle Internal/Restricted/Highly Restricted

11 Metricbeat Lightweight Shipper for Metrics
Extensions: Modules and Metricsets Come with many modules (Apache, Nginx, System, Redis, MySQL,PostgreSQL, MongoDB, Kafka ….)  Confidential – Oracle Internal/Restricted/Highly Restricted

12 Config file (.yml) Confidential – Oracle Internal/Restricted/Highly Restricted

13 Event Structure Confidential – Oracle Internal/Restricted/Highly Restricted

14 Logstash Data collection engine with real- time pipelining capabilities  Unify data from disparate sources and normalize the data into destinations of choice Parse and Enrich Logs Confidential – Oracle Internal/Restricted/Highly Restricted

15 Logstash Pipeline Confidential – Oracle Internal/Restricted/Highly Restricted

16 Parse Logs frank [10/Oct/2016:13:55: ] "GET /apache_pb.gif HTTP/1.0" { "clientip": " ", "userId": "frank", "timestamp":"10/Oct/2016:13:55: ", "verb": "GET", "request": "/apache_pb.gif", "httpversion": "HTTP/1.0", "response": 200 "bytes" :2336 } filter { grok{ match=>{ "message"=>"%{IPORHOST:clientip} %{USER:userId} %{USER:auth} \[%{HTTPDATE:timestamp}\] "(?:%{WORD:verb} %{NOTSPACE:request}(?: HTTP/%{NUMBER:httpversion}))" %{NUMBER:response} (?:%{NUMBER:bytes}|-)" } Confidential – Oracle Internal/Restricted/Highly Restricted

17 Enrich Logs frank [10/Oct/2016:13:55: ] "GET /apache_pb.gif HTTP/1.0" { . "geoip": { "continent_name": "North America", "country_iso_code": "US", "region_name": "California", "city_name": "Mountain View", "location": { "lat": , "lon": } } filter { geoip { source => "clientip" } Confidential – Oracle Internal/Restricted/Highly Restricted

18 Elasticsearch Distributed, full text search and analytics engine
Based on Lucene Its RESTful Highly available Very Fast Connectors for Big Data – “Elasticsearch-Hadoop” Confidential – Oracle Internal/Restricted/Highly Restricted

19 Kibana Analytics and visualization platform designed to work with Elasticsearch  Browser-based interface for near real time analytics Option of visualizing data in time series. Perform advanced data analysis and visualize your data in a variety of charts, tables, and maps Confidential – Oracle Internal/Restricted/Highly Restricted

20 Lets See it in Action!! Confidential – Oracle Internal/Restricted/Highly Restricted

21 Demo – Attachment Processing
Confidential – Oracle Internal/Restricted/Highly Restricted

22 Demo – Attachment Processing
Confidential – Oracle Internal/Restricted/Highly Restricted

23 Demo – Attachment Processing
Confidential – Oracle Internal/Restricted/Highly Restricted

24 The Best Part is …. Confidential – Oracle Internal/Restricted/Highly Restricted

25 Open Source Powerful Simple
Confidential – Oracle Internal/Restricted/Highly Restricted Confidential – Oracle Internal/Restricted/Highly Restricted 25

26 Benefits Holistic Analysis / Unified Analytics
Better Troubleshooting / RCA Deeper Insights into System and Applications “Data” is Power – Intrinsic Values Confidential – Oracle Internal/Restricted/Highly Restricted

27 Sample Use Cases DevOps , IoT, ITOps , Application Monitoring & Analytics
Confidential – Oracle Internal/Restricted/Highly Restricted

28 Q&A Confidential – Oracle Internal/Restricted/Highly Restricted

Download ppt "Combining Metrics and Logs for Holistic System/Application Analysis"

Similar presentations

© 2013 IBM Corporation October 4, 2013 IT Analytics and Big Data IBM Solutions Paul Smith (Smitty) Service Management Architect.

© 2013 IBM Corporation October 4, 2013 IT Analytics and Big Data IBM Solutions Paul Smith (Smitty) Service Management Architect.
MONITORING TOOLS Open Source Security Tools to monitor your network.

MONITORING TOOLS Open Source Security Tools to monitor your network.
1 Vic Hargrave |

1 Vic Hargrave |
June 22-23, 2005 Technology Infusion Team Committee1 High Performance Parallel Lucene search (for an OAI federation) K. Maly, and M. Zubair Department.

June 22-23, 2005 Technology Infusion Team Committee1 High Performance Parallel Lucene search (for an OAI federation) K. Maly, and M. Zubair Department.
Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.

Progress Report 11/1/01 Matt Bridges. Overview Data collection and analysis tool for web site traffic Lets website administrators know who is on their.
12/11/01 Matt Bridges Advisor: Ralph Morelli. What is Web Analytics? In traditional commerce, store owners can observe their customers habits: What time.

12/11/01 Matt Bridges Advisor: Ralph Morelli. What is Web Analytics? In traditional commerce, store owners can observe their customers habits: What time.
Open Source Security Logging ON THE CHEAP (WELL, CHEAPER ANYWAY)

Open Source Security Logging ON THE CHEAP (WELL, CHEAPER ANYWAY)
Log Monitoring, Management and Analysis with Nagios

Log Monitoring, Management and Analysis with Nagios
CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Integrating Lemon Monitoring and Alarming System with the new CERN Agile Infrastructure.

CERN IT Department CH-1211 Genève 23 Switzerland t Integrating Lemon Monitoring and Alarming System with the new CERN Agile Infrastructure.
Module 5: Managing Public Folders. Overview Managing Public Folder Data Managing Network Access to Public Folders Publishing an Outlook 2003 Form Discussion:

Module 5: Managing Public Folders. Overview Managing Public Folder Data Managing Network Access to Public Folders Publishing an Outlook 2003 Form Discussion:
` tuplejump The data engineering platform. A startup with a vision to simplify data engineering and empower the next generation of data powered miracles!

` tuplejump The data engineering platform. A startup with a vision to simplify data engineering and empower the next generation of data powered miracles!
Clemens Düpmeier (KIT / IAI)

Clemens Düpmeier (KIT / IAI)
Hadoop 2 cluster with Oracle Solaris Zones, ZFS and unified archives Orgad Kimchi - Principal Software Engineer September 29, 2014 Oracle Confidential.

Hadoop 2 cluster with Oracle Solaris Zones, ZFS and unified archives Orgad Kimchi - Principal Software Engineer September 29, 2014 Oracle Confidential.
AxKit A member of the Apache XML project Ryan Maslyn Kyle Bechtel.

AxKit A member of the Apache XML project Ryan Maslyn Kyle Bechtel.
Carlos Fernando Gamboa RACF, BNL HEPiX

Carlos Fernando Gamboa RACF, BNL HEPiX
CERN IT Department CH-1211 Geneva 23 Switzerland t CF Computing Facilities Agile Infrastructure Monitoring CERN IT/CF.

CERN IT Department CH-1211 Geneva 23 Switzerland t CF Computing Facilities Agile Infrastructure Monitoring CERN IT/CF.
2 Floor, 288-25, Sunnae-Dong,Kangdong-Gu Seoul, Korea T 82 2 470 7689 | F 82 2 470 7689 | www.seojindsa.kr SEOJINDSA CO. LTD Enterprise LDAP Team LDAP.

2 Floor, , Sunnae-Dong,Kangdong-Gu Seoul, Korea T | F | SEOJINDSA CO. LTD Enterprise LDAP Team LDAP.
+ Logentries Is a Real-Time Log Analytics Service for Aggregating, Analyzing, and Alerting on Log Data from Microsoft Azure Apps and Systems MICROSOFT.

+ Logentries Is a Real-Time Log Analytics Service for Aggregating, Analyzing, and Alerting on Log Data from Microsoft Azure Apps and Systems MICROSOFT.
By Ruizhe Ma, Avinash Madineni Sidoine Lafleur Kamgang Nov,

By Ruizhe Ma, Avinash Madineni Sidoine Lafleur Kamgang Nov,
CASTOR logging at RAL Rob Appleyard, James Adams and Kashyap Manjusha.

CASTOR logging at RAL Rob Appleyard, James Adams and Kashyap Manjusha.

Similar presentations

Ads by Google