Presentation is loading. Please wait.

Presentation is loading. Please wait.

Centralized Logfile Search (a.k.a. Tracing) Vito Baggiolini with Gergo Horanyi, Felix Ehm, Stephen Page.

Published byEdward Parrish Modified over 9 years ago

Similar presentations

Presentation on theme: "Centralized Logfile Search (a.k.a. Tracing) Vito Baggiolini with Gergo Horanyi, Felix Ehm, Stephen Page."— Presentation transcript:

1 Centralized Logfile Search (a.k.a. Tracing) Vito Baggiolini with Gergo Horanyi, Felix Ehm, Stephen Page

2 Outline Introduction Architecture and current logfile sources (FECs) Kibana, the search GUI Demo Next steps 16/05/2014Vito Baggiolini2

3 Introduction Purpose: Facilitate diagnostics of the operational control system – No need to know where exactly logfiles are stored – Make logfile history easy to search and correlate – Search logfiles across all levels (Java, CMW, FESA, Drivers, OS, …) Scope: – For operations, not for development (maybe later) – Mainly to search history, not for live logging (-> use cmw-admin or tail -f) – To search many systems at once, less suitable to for individual systems (better to go the log file directly) Implementation: – Before: $plunk, very intuitive and user friendly, commercial, closed-source, – Now: ElasticSearch + Kibana, free, open-source, less intuitive + user friendly 16/05/2014Vito Baggiolini3

4 Current Architecture and log sources Syslog OS Syslog FESA2 cmw-log FESA3 cmw-log CMW NFS fgcd-log Sources Java Process Logstash1 Logstash2 Parse to key-value Elastic Search Store and search Kibana User Interface 16/05/2014Vito Baggiolini4

5 Query Bar Filters Fields Results vs Time Detailed Messages To select Time Window 16/05/2014Vito Baggiolini5 Kibana

6 16/05/2014Vito Baggiolini6 Query Bar Filters To select Time Window To share searches

7 16/05/2014Vito Baggiolini7 Fields Results vs Time Detailed Messages Click on field -> top values Filter out repeated

8 Kibana Demo http://logs.cern.ch Select time window, zoom in, zoom out Search – Enter query for keyword – Enter query for a field Click on fields to see top values and filter Filter out repeated messages Modify existing filters Display results as tables Share results with others 16/05/2014Vito Baggiolini8

9 Demo… 16/05/2014Vito Baggiolini9

10 How to make the best of Kibana Do a simple Search (e.g. for *) and filter Click on field names (not on boxes) to see top values) – Top values only over last 500! – Focus on or exclude a given event 16/05/2014Vito Baggiolini10

11 How to make the best of Kibana Do a simple Search (e.g. for system:FESA3) and then use filters Click on field names (not on boxes) to see top values) – Top values only over last 500! – Focus on or exclude a given event Play with Filters – E.g. edit existing filters Share temporary views with others Don’t yet invest too much in Dashboards => fix displays(?) Use Lucene Query Language for advanced queries and filters 16/05/2014Vito Baggiolini11

12 Next steps Make system operational (now in BETA) – Verify scalability – Add redundancy where feasible – Add sanity checks to verify proper functioning Make sure log sources and are parsed correctly to key/value – Finalize standardization of fields pushed into Elastic Search – https://wikis.cern.ch/pages/viewpage.action?pageId=73041150 https://wikis.cern.ch/pages/viewpage.action?pageId=73041150 Add Java logging input (gradually, servers first) 16/05/2014Vito Baggiolini12

Download ppt "Centralized Logfile Search (a.k.a. Tracing) Vito Baggiolini with Gergo Horanyi, Felix Ehm, Stephen Page."

Similar presentations

ISecurity GUI User-Friendly Interface. Features Full support of all green-screen functionality Simultaneous views of multiple iSecurity screens and activities.

ISecurity GUI User-Friendly Interface. Features Full support of all green-screen functionality Simultaneous views of multiple iSecurity screens and activities.
User’s Guide.

User’s Guide.
How To Start A Blog on Livejournal.com Navigation Creating an Account Naming Your Blog/Editing User Info Customizing Your Blog Updating Your Blog Adding.

How To Start A Blog on Livejournal.com Navigation Creating an Account Naming Your Blog/Editing User Info Customizing Your Blog Updating Your Blog Adding.
1 Unit & District Tools Phase 1. 2 To access the new Unit and District Tools, you will need to click on the link embedded in the MyScouting Flash page.

1 Unit & District Tools Phase 1. 2 To access the new Unit and District Tools, you will need to click on the link embedded in the MyScouting Flash page.
Accounts Payable–1099 Processing 1Freedom Systems – Accounts Payable – 1099 Processing WELCOME TO THE ACCOUNTS PAYABLE – 1099 PROCESSING WEBINAR WE WILL.

Accounts Payable–1099 Processing 1Freedom Systems – Accounts Payable – 1099 Processing WELCOME TO THE ACCOUNTS PAYABLE – 1099 PROCESSING WEBINAR WE WILL.
Bhatia, Manoj Chen, Yin Yin Clark, Neo Ghabraei, Ali Tang, John Tran, Wilson Romero, Jessica.

Bhatia, Manoj Chen, Yin Yin Clark, Neo Ghabraei, Ali Tang, John Tran, Wilson Romero, Jessica.
Introduction to eValid Presentation Outline What is eValid? About eValid, Inc. eValid Features System Architecture eValid Functional Design Script Log.

Introduction to eValid Presentation Outline What is eValid? About eValid, Inc. eValid Features System Architecture eValid Functional Design Script Log.
Figure 1. Hit analysis in 2002 of database-driven web applications Hits by Category in 2002 N = 73,873 Results Reporting 27% GME 26% Research 20% Bed Availability.

Figure 1. Hit analysis in 2002 of database-driven web applications Hits by Category in 2002 N = 73,873 Results Reporting 27% GME 26% Research 20% Bed Availability.
Microsoft Access 2007 Microsoft Access 2007 Introduction to Database Programs.

Microsoft Access 2007 Microsoft Access 2007 Introduction to Database Programs.
Students: Nadia Goshmir, Yulia Koretsky Supervisor: Shai Rozenrauch Industrial Project 234313 Advanced Tool for Automatic Testing Final Presentation.

Students: Nadia Goshmir, Yulia Koretsky Supervisor: Shai Rozenrauch Industrial Project Advanced Tool for Automatic Testing Final Presentation.
Linux Operations and Administration

Linux Operations and Administration
Introduction to our On-Line Self Service Center at WWW.CILINC.COM.

Introduction to our On-Line Self Service Center at
CPSC 203 Introduction to Computers T59 & T64 By Jie (Jeff) Gao.

CPSC 203 Introduction to Computers T59 & T64 By Jie (Jeff) Gao.
Department of Mechanical Engineering, LSUSession VII MATLAB Tutorials Session VIII Graphical User Interface using MATLAB Rajeev Madazhy

Department of Mechanical Engineering, LSUSession VII MATLAB Tutorials Session VIII Graphical User Interface using MATLAB Rajeev Madazhy
Indispensable tools for research at its best www.refworks-cos.com Introducing the New Write-N-Cite.

Indispensable tools for research at its best Introducing the New Write-N-Cite.
VT SMS System User Manual www.victorioustechnologies.co.za/vtsms.

VT SMS System User Manual
Office of Educational Technology School District of Philadelphia Introduction to Sites Google Sites This presentation is available at

Office of Educational Technology School District of Philadelphia Introduction to Sites Google Sites This presentation is available at
AUTOMATION OF WEB-FORM CREATION - KINNERA ANGADI – MS FINAL DEFENSE GUIDANCE BY – DR. DANIEL ANDRESEN.

AUTOMATION OF WEB-FORM CREATION - KINNERA ANGADI – MS FINAL DEFENSE GUIDANCE BY – DR. DANIEL ANDRESEN.
Duty Log and Chat Setup SSG Frese, Jerome S. Sensor Manager Cell 12 MDD.

Duty Log and Chat Setup SSG Frese, Jerome S. Sensor Manager Cell 12 MDD.
S511 Session 7, IU-SLIS 1 DB Implementation: MS Access Forms.

S511 Session 7, IU-SLIS 1 DB Implementation: MS Access Forms.

Similar presentations

Ads by Google