SlideShare a Scribd company logo
1 of 97
Download to read offline
Practical logstash -
 beyond the basics.
Tomas Doran (t0m) <bobtfish@bobtfish.net>
Who are you

• Sysadmin at TIM Group
• t0m on irc.freenode.net
• twitter.com/bobtfish
• github.com/bobtfish
• slideshare.com/bobtfish
Logstash
Logstash
• I hope you already know what logstash is?
Logstash
• I hope you already know what logstash is?
• I’m going to talk about our implementation.
Logstash
• I hope you already know what logstash is?
• I’m going to talk about our implementation.
 • Elasticsearch
Logstash
• I hope you already know what logstash is?
• I’m going to talk about our implementation.
 • Elasticsearch
 • Metrics
Logstash
• I hope you already know what logstash is?
• I’m going to talk about our implementation.
 • Elasticsearch
 • Metrics
 • Nagios
Logstash
• I hope you already know what logstash is?
• I’m going to talk about our implementation.
 • Elasticsearch
 • Metrics
 • Nagios
 • Riemann
London devops logging
> 55 million messages a day
> 55 million messages a day

• Now ~30Gb of indexed data per day
• All our applications
• All of syslog
• Used by developers and product managers
• 2 x DL360s with 8x600Gb discs, also
  graphite install
About 4 months old
About 4 months old

• Almost all apps onboard to various levels
• All of syslog was easy
• Still haven’t done apache logs
• Haven’t comprehensively done router/
  switches
• Lots of apps still emit directly to graphite
Java
Java

• All our apps are Java / Scala / Clojure
Java

• All our apps are Java / Scala / Clojure
• https://github.com/tlrx/slf4j-logback-zeromq
Java

• All our apps are Java / Scala / Clojure
• https://github.com/tlrx/slf4j-logback-zeromq
• Own layer (x2 1 Java, 1 Scala) for sending
  structured events as JSON
Java

• All our apps are Java / Scala / Clojure
• https://github.com/tlrx/slf4j-logback-zeromq
• Own layer (x2 1 Java, 1 Scala) for sending
  structured events as JSON
• Java developers hate native code
On host log collector
On host log collector

• Need a lightweight log shipper.
• VMs with 1Gb of RAM..

• Message::Passing - perl library I wrote.
• Small, light, pluggable
On host log collector
On host log collector
• Application to logcollector is ZMQ
 • Small amount of buffering (1000
    messages)
On host log collector
• Application to logcollector is ZMQ
 • Small amount of buffering (1000
    messages)
• logcollector to logstash is ZMQ
 • Large amount of buffering (disc offload,
    100s of thousands of messages)
ZeroMQ has the
correct semantics
ZeroMQ has the
    correct semantics
• Pub/Sub sockets
ZeroMQ has the
    correct semantics
• Pub/Sub sockets
• Never, ever blocking
ZeroMQ has the
    correct semantics
• Pub/Sub sockets
• Never, ever blocking
• Lossy! (If needed)
ZeroMQ has the
    correct semantics
• Pub/Sub sockets
• Never, ever blocking
• Lossy! (If needed)
• Buffer sizes / locations configureable
ZeroMQ has the
    correct semantics
• Pub/Sub sockets
• Never, ever blocking
• Lossy! (If needed)
• Buffer sizes / locations configureable
• Arbitrary message size
ZeroMQ has the
    correct semantics
• Pub/Sub sockets
• Never, ever blocking
• Lossy! (If needed)
• Buffer sizes / locations configureable
• Arbitrary message size
• IO done in a background thread (nice in
  interpreted languages - ruby/perl/python)
What, no AMQP?
What, no AMQP?

• Could go logcollector => AMQP =>
  logstash for extra durability
What, no AMQP?

• Could go logcollector => AMQP =>
  logstash for extra durability
• ZMQ buffering ‘good enough’
What, no AMQP?

• Could go logcollector => AMQP =>
  logstash for extra durability
• ZMQ buffering ‘good enough’
• logstash uses a pure ruby AMQP decoder
What, no AMQP?

• Could go logcollector => AMQP =>
  logstash for extra durability
• ZMQ buffering ‘good enough’
• logstash uses a pure ruby AMQP decoder
• Slooooowwwwww
Reliability
Reliability

• Multiple Elasticsearch servers (obvious)!
Reliability

• Multiple Elasticsearch servers (obvious)!
• Due to ZMQ buffering, you can:
 • restart logstash, messages just buffer on
    hosts whilst it’s unavailable
  • restart logcollector, messages from apps
    buffer (lose some syslog)
Reliability: TODO
Reliability: TODO

• Elasticsearch cluster getting sick happens
Reliability: TODO

• Elasticsearch cluster getting sick happens
• In-flight messages in logstash lost :(
Reliability: TODO

• Elasticsearch cluster getting sick happens
• In-flight messages in logstash lost :(
• Solution - elasticsearch_river output
 • logstash => durable RabbitMQ queue
 • ES reads from queue
 • Also faster - uses bulk API
Redundancy
Redundancy
• Add a UUID to each message at emission
  point.
Redundancy
• Add a UUID to each message at emission
  point.
• Index in elasticsearch by UUID
Redundancy
• Add a UUID to each message at emission
  point.
• Index in elasticsearch by UUID
• Emit to two backend logstash instances
  (TODO)
Redundancy
• Add a UUID to each message at emission
  point.
• Index in elasticsearch by UUID
• Emit to two backend logstash instances
  (TODO)
• Index everything twice! (TODO)
Elasticsearch
         optimisation
• You need a template
 • compress source
 • disable _all
 • discard unwanted fields from source /
    indexing
 • tweak shards and replicas
• compact your yesterday’s index at end of
  day!
London devops logging
Elasticsearch size
Elasticsearch size
• 87 daily indexes
Elasticsearch size
• 87 daily indexes
• 800Gb of data (per instance)
Elasticsearch size
• 87 daily indexes
• 800Gb of data (per instance)
• Just bumped ES heap to 22G
 • Just writing data - 2Gb
 • Query over all indexes - 17Gb!
Elasticsearch size
• 87 daily indexes
• 800Gb of data (per instance)
• Just bumped ES heap to 22G
 • Just writing data - 2Gb
 • Query over all indexes - 17Gb!
• Hang on - 800/87 does not = 33Gb/day!
Rate has increased!


             Text
              Text



  We may have problems fitting
    onto 5 x 600Gb discs!
Standard log message
Standard event message
TimedWebRequest
TimedWebRequest
• Most obvious example of a standard event
 • App name
 • Environment
 • HTTP status
 • Page generation time
 • Request / Response size
TimedWebRequest
• Most obvious example of a standard event
 • App name
 • Environment
 • HTTP status
 • Page generation time
 • Request / Response size
• Can derive loads of metrics from this!
London devops logging
statsd
statsd
• Rolls up counters and timers into metrics
statsd
• Rolls up counters and timers into metrics
• One bucket per stat, emits values every 10
  seconds
statsd
• Rolls up counters and timers into metrics
• One bucket per stat, emits values every 10
  seconds
• Counters: Request rate, HTTP status rate
statsd
• Rolls up counters and timers into metrics
• One bucket per stat, emits values every 10
  seconds
• Counters: Request rate, HTTP status rate
• Timers: Total page time, mean page time,
  min/max page times
statsd
statsd
JSON everywhere
JSON everywhere

• Legacy shell ftp mirror scripts
• gitolite hooks for deployments
• keepalived health checks
JSON everywhere
echo "JSON:{"nagios_service":"${SERVICE}",
"nagios_status":"${STATUS_CODE}",
"message":"${STATUS_TEXT}"}" |
 logger -t nagios
Alerting
Alerting use cases:

• Replaced nsca client with standardised log
  pipeline
• Developers log an event and get (one!)
  email warning of client side exceptions
• Passive health monitoring - ‘did we log
  something recently’
Riemann
Riemann

• Using for some simple health checking
Riemann

• Using for some simple health checking
 • logcollector health
Riemann

• Using for some simple health checking
 • logcollector health
 • Load balancer instance health
Riemann
Riemann
• Ambitious plans to do more
Riemann
• Ambitious plans to do more
 • Web pool health (>= n nodes)
Riemann
• Ambitious plans to do more
 • Web pool health (>= n nodes)
 • Replace statsd
Riemann
• Ambitious plans to do more
 • Web pool health (>= n nodes)
 • Replace statsd
 • Transit collectd data via logstash and
    use to emit to graphite
Riemann
• Ambitious plans to do more
 • Web pool health (>= n nodes)
 • Replace statsd
 • Transit collectd data via logstash and
    use to emit to graphite
  • disc usage trending / prediction
Metadata
Metadata

• It’s all about the metadata
Metadata

• It’s all about the metadata
• Structured events are describable
Metadata

• It’s all about the metadata
• Structured events are describable
• Common patterns to give standard
  metrics / alerting for free
Metadata

• It’s all about the metadata
• Structured events are describable
• Common patterns to give standard
  metrics / alerting for free
• Dashboards!
Dashboard love/hate
Dashboard love/hate
• Riemann x 2
Dashboard love/hate
• Riemann x 2
• Graphite dashboards x 2
Dashboard love/hate
• Riemann x 2
• Graphite dashboards x 2
• Nagios x 3
Dashboard love/hate
• Riemann x 2
• Graphite dashboards x 2
• Nagios x 3
• CI radiator
Dashboard love/hate
• Riemann x 2
• Graphite dashboards x 2
• Nagios x 3
• CI radiator
Dashboard love/hate
• Riemann x 2
• Graphite dashboards x 2
• Nagios x 3
• CI radiator

• Information overload!
Thanks!

• Questions?

• slides with more detail about my log
  collector code:
  • http://slideshare.net/bobtfish/

More Related Content

What's hot

Ansible v2 and Beyond (Ansible Hawai'i Meetup)
Ansible v2 and Beyond (Ansible Hawai'i Meetup)Ansible v2 and Beyond (Ansible Hawai'i Meetup)
Ansible v2 and Beyond (Ansible Hawai'i Meetup)Timothy Appnel
 
Async and Non-blocking IO w/ JRuby
Async and Non-blocking IO w/ JRubyAsync and Non-blocking IO w/ JRuby
Async and Non-blocking IO w/ JRubyJoe Kutner
 
Learn you some Ansible for great good!
Learn you some Ansible for great good!Learn you some Ansible for great good!
Learn you some Ansible for great good!David Lapsley
 
Introduction to Apache Camel
Introduction to Apache CamelIntroduction to Apache Camel
Introduction to Apache CamelClaus Ibsen
 
Altitude SF 2017: Advanced VCL: Shielding and Clustering
Altitude SF 2017: Advanced VCL: Shielding and ClusteringAltitude SF 2017: Advanced VCL: Shielding and Clustering
Altitude SF 2017: Advanced VCL: Shielding and ClusteringFastly
 
DjangoCon 2010 Scaling Disqus
DjangoCon 2010 Scaling DisqusDjangoCon 2010 Scaling Disqus
DjangoCon 2010 Scaling Disquszeeg
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Richard Donkin
 
Ehcache 3: JSR-107 on steroids at Devoxx Morocco
Ehcache 3: JSR-107 on steroids at Devoxx MoroccoEhcache 3: JSR-107 on steroids at Devoxx Morocco
Ehcache 3: JSR-107 on steroids at Devoxx MoroccoLouis Jacomet
 
Data Analytics Service Company and Its Ruby Usage
Data Analytics Service Company and Its Ruby UsageData Analytics Service Company and Its Ruby Usage
Data Analytics Service Company and Its Ruby UsageSATOSHI TAGOMORI
 
Shall we play a game?
Shall we play a game?Shall we play a game?
Shall we play a game?Maciej Lasyk
 
Chasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
Chasing AMI - Building Amazon machine images with Puppet, Packer and JenkinsChasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
Chasing AMI - Building Amazon machine images with Puppet, Packer and JenkinsTomas Doran
 
ApacheCon EU 2016 - Apache Camel the integration library
ApacheCon EU 2016 - Apache Camel the integration libraryApacheCon EU 2016 - Apache Camel the integration library
ApacheCon EU 2016 - Apache Camel the integration libraryClaus Ibsen
 
Caching reboot: javax.cache & Ehcache 3
Caching reboot: javax.cache & Ehcache 3Caching reboot: javax.cache & Ehcache 3
Caching reboot: javax.cache & Ehcache 3Louis Jacomet
 
Use case for using the ElastiCache for Redis in production
Use case for using the ElastiCache for Redis in productionUse case for using the ElastiCache for Redis in production
Use case for using the ElastiCache for Redis in production知教 本間
 
TXLF: Chef- Software Defined Infrastructure Today & Tomorrow
TXLF: Chef- Software Defined Infrastructure Today & TomorrowTXLF: Chef- Software Defined Infrastructure Today & Tomorrow
TXLF: Chef- Software Defined Infrastructure Today & TomorrowMatt Ray
 
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014Amazon Web Services
 
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015Fastly
 
Caching the Uncacheable: Leveraging Your CDN to Cache Dynamic Content
Caching the Uncacheable: Leveraging Your CDN to Cache Dynamic ContentCaching the Uncacheable: Leveraging Your CDN to Cache Dynamic Content
Caching the Uncacheable: Leveraging Your CDN to Cache Dynamic ContentFastly
 
Kafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 People
Kafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 PeopleKafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 People
Kafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 Peopleconfluent
 

What's hot (20)

pgWALSync
pgWALSyncpgWALSync
pgWALSync
 
Ansible v2 and Beyond (Ansible Hawai'i Meetup)
Ansible v2 and Beyond (Ansible Hawai'i Meetup)Ansible v2 and Beyond (Ansible Hawai'i Meetup)
Ansible v2 and Beyond (Ansible Hawai'i Meetup)
 
Async and Non-blocking IO w/ JRuby
Async and Non-blocking IO w/ JRubyAsync and Non-blocking IO w/ JRuby
Async and Non-blocking IO w/ JRuby
 
Learn you some Ansible for great good!
Learn you some Ansible for great good!Learn you some Ansible for great good!
Learn you some Ansible for great good!
 
Introduction to Apache Camel
Introduction to Apache CamelIntroduction to Apache Camel
Introduction to Apache Camel
 
Altitude SF 2017: Advanced VCL: Shielding and Clustering
Altitude SF 2017: Advanced VCL: Shielding and ClusteringAltitude SF 2017: Advanced VCL: Shielding and Clustering
Altitude SF 2017: Advanced VCL: Shielding and Clustering
 
DjangoCon 2010 Scaling Disqus
DjangoCon 2010 Scaling DisqusDjangoCon 2010 Scaling Disqus
DjangoCon 2010 Scaling Disqus
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)
 
Ehcache 3: JSR-107 on steroids at Devoxx Morocco
Ehcache 3: JSR-107 on steroids at Devoxx MoroccoEhcache 3: JSR-107 on steroids at Devoxx Morocco
Ehcache 3: JSR-107 on steroids at Devoxx Morocco
 
Data Analytics Service Company and Its Ruby Usage
Data Analytics Service Company and Its Ruby UsageData Analytics Service Company and Its Ruby Usage
Data Analytics Service Company and Its Ruby Usage
 
Shall we play a game?
Shall we play a game?Shall we play a game?
Shall we play a game?
 
Chasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
Chasing AMI - Building Amazon machine images with Puppet, Packer and JenkinsChasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
Chasing AMI - Building Amazon machine images with Puppet, Packer and Jenkins
 
ApacheCon EU 2016 - Apache Camel the integration library
ApacheCon EU 2016 - Apache Camel the integration libraryApacheCon EU 2016 - Apache Camel the integration library
ApacheCon EU 2016 - Apache Camel the integration library
 
Caching reboot: javax.cache & Ehcache 3
Caching reboot: javax.cache & Ehcache 3Caching reboot: javax.cache & Ehcache 3
Caching reboot: javax.cache & Ehcache 3
 
Use case for using the ElastiCache for Redis in production
Use case for using the ElastiCache for Redis in productionUse case for using the ElastiCache for Redis in production
Use case for using the ElastiCache for Redis in production
 
TXLF: Chef- Software Defined Infrastructure Today & Tomorrow
TXLF: Chef- Software Defined Infrastructure Today & TomorrowTXLF: Chef- Software Defined Infrastructure Today & Tomorrow
TXLF: Chef- Software Defined Infrastructure Today & Tomorrow
 
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
(WEB401) Optimizing Your Web Server on AWS | AWS re:Invent 2014
 
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015
Mitigating Security Threats with Fastly - Joe Williams at Fastly Altitude 2015
 
Caching the Uncacheable: Leveraging Your CDN to Cache Dynamic Content
Caching the Uncacheable: Leveraging Your CDN to Cache Dynamic ContentCaching the Uncacheable: Leveraging Your CDN to Cache Dynamic Content
Caching the Uncacheable: Leveraging Your CDN to Cache Dynamic Content
 
Kafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 People
Kafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 PeopleKafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 People
Kafka Summit NYC 2017 - Running Hundreds of Kafka Clusters with 5 People
 

Viewers also liked

Elastic - ELK, Logstash & Kibana
Elastic - ELK, Logstash & KibanaElastic - ELK, Logstash & Kibana
Elastic - ELK, Logstash & KibanaSpringPeople
 
Tuning Elasticsearch Indexing Pipeline for Logs
Tuning Elasticsearch Indexing Pipeline for LogsTuning Elasticsearch Indexing Pipeline for Logs
Tuning Elasticsearch Indexing Pipeline for LogsSematext Group, Inc.
 
Getting the fish (ball) in the net
Getting the fish (ball) in the netGetting the fish (ball) in the net
Getting the fish (ball) in the netAli Anani, PhD
 
Grafico diario del dax perfomance index para el 09 12-2011
Grafico diario del dax perfomance index para el 09 12-2011Grafico diario del dax perfomance index para el 09 12-2011
Grafico diario del dax perfomance index para el 09 12-2011Experiencia Trading
 
Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...
Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...
Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...Peter Reed
 
気象庁発表の地震情報
気象庁発表の地震情報気象庁発表の地震情報
気象庁発表の地震情報Kentaro Ikehata
 
off grid solar product UNIVPO
off grid solar product UNIVPOoff grid solar product UNIVPO
off grid solar product UNIVPOMark Robinson
 
8th grade founding father project[1]
8th grade founding father project[1]8th grade founding father project[1]
8th grade founding father project[1]tpoynton
 
JS非同期処理のいま
JS非同期処理のいまJS非同期処理のいま
JS非同期処理のいまMasakazu Muraoka
 
DNA of Automation - Sudeep Somani
DNA of Automation - Sudeep SomaniDNA of Automation - Sudeep Somani
DNA of Automation - Sudeep SomaniThoughtworks
 
Social Network Analysis Of Intangibles
Social Network Analysis Of IntangiblesSocial Network Analysis Of Intangibles
Social Network Analysis Of IntangiblesAli Anani, PhD
 
Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!
Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!
Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!Ancestral Chef
 

Viewers also liked (18)

Elastic - ELK, Logstash & Kibana
Elastic - ELK, Logstash & KibanaElastic - ELK, Logstash & Kibana
Elastic - ELK, Logstash & Kibana
 
Tuning Elasticsearch Indexing Pipeline for Logs
Tuning Elasticsearch Indexing Pipeline for LogsTuning Elasticsearch Indexing Pipeline for Logs
Tuning Elasticsearch Indexing Pipeline for Logs
 
Introduction to BDD
Introduction to BDDIntroduction to BDD
Introduction to BDD
 
Getting the fish (ball) in the net
Getting the fish (ball) in the netGetting the fish (ball) in the net
Getting the fish (ball) in the net
 
Grafico diario del dax perfomance index para el 09 12-2011
Grafico diario del dax perfomance index para el 09 12-2011Grafico diario del dax perfomance index para el 09 12-2011
Grafico diario del dax perfomance index para el 09 12-2011
 
Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...
Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...
Hashtags & Retweets: Using Twitter to aid Community, Communication and Casual...
 
Simple School Lunch Ideas
Simple School Lunch IdeasSimple School Lunch Ideas
Simple School Lunch Ideas
 
気象庁発表の地震情報
気象庁発表の地震情報気象庁発表の地震情報
気象庁発表の地震情報
 
off grid solar product UNIVPO
off grid solar product UNIVPOoff grid solar product UNIVPO
off grid solar product UNIVPO
 
Disaster Risk Reduction
Disaster Risk ReductionDisaster Risk Reduction
Disaster Risk Reduction
 
8th grade founding father project[1]
8th grade founding father project[1]8th grade founding father project[1]
8th grade founding father project[1]
 
JS非同期処理のいま
JS非同期処理のいまJS非同期処理のいま
JS非同期処理のいま
 
Zaragoza turismo 234
Zaragoza turismo 234Zaragoza turismo 234
Zaragoza turismo 234
 
DNA of Automation - Sudeep Somani
DNA of Automation - Sudeep SomaniDNA of Automation - Sudeep Somani
DNA of Automation - Sudeep Somani
 
Social Network Analysis Of Intangibles
Social Network Analysis Of IntangiblesSocial Network Analysis Of Intangibles
Social Network Analysis Of Intangibles
 
PRywatki na Wykładzinie bez krawatów vol.1 - Po co dane w komunikacji w socia...
PRywatki na Wykładzinie bez krawatów vol.1 - Po co dane w komunikacji w socia...PRywatki na Wykładzinie bez krawatów vol.1 - Po co dane w komunikacji w socia...
PRywatki na Wykładzinie bez krawatów vol.1 - Po co dane w komunikacji w socia...
 
Xsi unity pipeline
Xsi unity pipelineXsi unity pipeline
Xsi unity pipeline
 
Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!
Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!
Faerie Glen Photos from Isle of Skye, Scotland - It's like visiting The Shire!
 

Similar to London devops logging

Message:Passing - lpw 2012
Message:Passing - lpw 2012Message:Passing - lpw 2012
Message:Passing - lpw 2012Tomas Doran
 
Messaging, interoperability and log aggregation - a new framework
Messaging, interoperability and log aggregation - a new frameworkMessaging, interoperability and log aggregation - a new framework
Messaging, interoperability and log aggregation - a new frameworkTomas Doran
 
From 100s to 100s of Millions
From 100s to 100s of MillionsFrom 100s to 100s of Millions
From 100s to 100s of MillionsErik Onnen
 
«Scrapy internals» Александр Сибиряков, Scrapinghub
«Scrapy internals» Александр Сибиряков, Scrapinghub«Scrapy internals» Александр Сибиряков, Scrapinghub
«Scrapy internals» Александр Сибиряков, Scrapinghubit-people
 
Using Riak for Events storage and analysis at Booking.com
Using Riak for Events storage and analysis at Booking.comUsing Riak for Events storage and analysis at Booking.com
Using Riak for Events storage and analysis at Booking.comDamien Krotkine
 
Cassandra Day Atlanta 2015: Diagnosing Problems in Production
Cassandra Day Atlanta 2015: Diagnosing Problems in ProductionCassandra Day Atlanta 2015: Diagnosing Problems in Production
Cassandra Day Atlanta 2015: Diagnosing Problems in ProductionDataStax Academy
 
Cassandra Day Chicago 2015: Diagnosing Problems in Production
Cassandra Day Chicago 2015: Diagnosing Problems in ProductionCassandra Day Chicago 2015: Diagnosing Problems in Production
Cassandra Day Chicago 2015: Diagnosing Problems in ProductionDataStax Academy
 
Cassandra Day London 2015: Diagnosing Problems in Production
Cassandra Day London 2015: Diagnosing Problems in ProductionCassandra Day London 2015: Diagnosing Problems in Production
Cassandra Day London 2015: Diagnosing Problems in ProductionDataStax Academy
 
Sphinx at Craigslist in 2012
Sphinx at Craigslist in 2012Sphinx at Craigslist in 2012
Sphinx at Craigslist in 2012Jeremy Zawodny
 
(ARC348) Seagull: How Yelp Built A System For Task Execution
(ARC348) Seagull: How Yelp Built A System For Task Execution(ARC348) Seagull: How Yelp Built A System For Task Execution
(ARC348) Seagull: How Yelp Built A System For Task ExecutionAmazon Web Services
 
Diagnosing Problems in Production (Nov 2015)
Diagnosing Problems in Production (Nov 2015)Diagnosing Problems in Production (Nov 2015)
Diagnosing Problems in Production (Nov 2015)Jon Haddad
 
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...Ontico
 
Managing Security At 1M Events a Second using Elasticsearch
Managing Security At 1M Events a Second using ElasticsearchManaging Security At 1M Events a Second using Elasticsearch
Managing Security At 1M Events a Second using ElasticsearchJoe Alex
 
Diagnosing Problems in Production - Cassandra
Diagnosing Problems in Production - CassandraDiagnosing Problems in Production - Cassandra
Diagnosing Problems in Production - CassandraJon Haddad
 
Best practices for highly available and large scale SolrCloud
Best practices for highly available and large scale SolrCloudBest practices for highly available and large scale SolrCloud
Best practices for highly available and large scale SolrCloudAnshum Gupta
 
Realtime Analytics on AWS
Realtime Analytics on AWSRealtime Analytics on AWS
Realtime Analytics on AWSSungmin Kim
 
Inside Of Mbga Open Platform
Inside Of Mbga Open PlatformInside Of Mbga Open Platform
Inside Of Mbga Open PlatformHideo Kimura
 
Scaling ingest pipelines with high performance computing principles - Rajiv K...
Scaling ingest pipelines with high performance computing principles - Rajiv K...Scaling ingest pipelines with high performance computing principles - Rajiv K...
Scaling ingest pipelines with high performance computing principles - Rajiv K...SignalFx
 

Similar to London devops logging (20)

Message:Passing - lpw 2012
Message:Passing - lpw 2012Message:Passing - lpw 2012
Message:Passing - lpw 2012
 
Messaging, interoperability and log aggregation - a new framework
Messaging, interoperability and log aggregation - a new frameworkMessaging, interoperability and log aggregation - a new framework
Messaging, interoperability and log aggregation - a new framework
 
From 100s to 100s of Millions
From 100s to 100s of MillionsFrom 100s to 100s of Millions
From 100s to 100s of Millions
 
«Scrapy internals» Александр Сибиряков, Scrapinghub
«Scrapy internals» Александр Сибиряков, Scrapinghub«Scrapy internals» Александр Сибиряков, Scrapinghub
«Scrapy internals» Александр Сибиряков, Scrapinghub
 
Zero mq logs
Zero mq logsZero mq logs
Zero mq logs
 
Using Riak for Events storage and analysis at Booking.com
Using Riak for Events storage and analysis at Booking.comUsing Riak for Events storage and analysis at Booking.com
Using Riak for Events storage and analysis at Booking.com
 
Cassandra Day Atlanta 2015: Diagnosing Problems in Production
Cassandra Day Atlanta 2015: Diagnosing Problems in ProductionCassandra Day Atlanta 2015: Diagnosing Problems in Production
Cassandra Day Atlanta 2015: Diagnosing Problems in Production
 
Cassandra Day Chicago 2015: Diagnosing Problems in Production
Cassandra Day Chicago 2015: Diagnosing Problems in ProductionCassandra Day Chicago 2015: Diagnosing Problems in Production
Cassandra Day Chicago 2015: Diagnosing Problems in Production
 
Cassandra Day London 2015: Diagnosing Problems in Production
Cassandra Day London 2015: Diagnosing Problems in ProductionCassandra Day London 2015: Diagnosing Problems in Production
Cassandra Day London 2015: Diagnosing Problems in Production
 
Sphinx at Craigslist in 2012
Sphinx at Craigslist in 2012Sphinx at Craigslist in 2012
Sphinx at Craigslist in 2012
 
(ARC348) Seagull: How Yelp Built A System For Task Execution
(ARC348) Seagull: How Yelp Built A System For Task Execution(ARC348) Seagull: How Yelp Built A System For Task Execution
(ARC348) Seagull: How Yelp Built A System For Task Execution
 
Advanced Operations
Advanced OperationsAdvanced Operations
Advanced Operations
 
Diagnosing Problems in Production (Nov 2015)
Diagnosing Problems in Production (Nov 2015)Diagnosing Problems in Production (Nov 2015)
Diagnosing Problems in Production (Nov 2015)
 
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...Frontera распределенный робот для обхода веба в больших объемах / Александр С...
Frontera распределенный робот для обхода веба в больших объемах / Александр С...
 
Managing Security At 1M Events a Second using Elasticsearch
Managing Security At 1M Events a Second using ElasticsearchManaging Security At 1M Events a Second using Elasticsearch
Managing Security At 1M Events a Second using Elasticsearch
 
Diagnosing Problems in Production - Cassandra
Diagnosing Problems in Production - CassandraDiagnosing Problems in Production - Cassandra
Diagnosing Problems in Production - Cassandra
 
Best practices for highly available and large scale SolrCloud
Best practices for highly available and large scale SolrCloudBest practices for highly available and large scale SolrCloud
Best practices for highly available and large scale SolrCloud
 
Realtime Analytics on AWS
Realtime Analytics on AWSRealtime Analytics on AWS
Realtime Analytics on AWS
 
Inside Of Mbga Open Platform
Inside Of Mbga Open PlatformInside Of Mbga Open Platform
Inside Of Mbga Open Platform
 
Scaling ingest pipelines with high performance computing principles - Rajiv K...
Scaling ingest pipelines with high performance computing principles - Rajiv K...Scaling ingest pipelines with high performance computing principles - Rajiv K...
Scaling ingest pipelines with high performance computing principles - Rajiv K...
 

More from Tomas Doran

Dockersh and a brief intro to the docker internals
Dockersh and a brief intro to the docker internalsDockersh and a brief intro to the docker internals
Dockersh and a brief intro to the docker internalsTomas Doran
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Tomas Doran
 
Steamlining your puppet development workflow
Steamlining your puppet development workflowSteamlining your puppet development workflow
Steamlining your puppet development workflowTomas Doran
 
Building a smarter application stack - service discovery and wiring for Docker
Building a smarter application stack - service discovery and wiring for DockerBuilding a smarter application stack - service discovery and wiring for Docker
Building a smarter application stack - service discovery and wiring for DockerTomas Doran
 
Deploying puppet code at light speed
Deploying puppet code at light speedDeploying puppet code at light speed
Deploying puppet code at light speedTomas Doran
 
Thinking through puppet code layout
Thinking through puppet code layoutThinking through puppet code layout
Thinking through puppet code layoutTomas Doran
 
Docker puppetcamp london 2013
Docker puppetcamp london 2013Docker puppetcamp london 2013
Docker puppetcamp london 2013Tomas Doran
 
"The worst code I ever wrote"
"The worst code I ever wrote""The worst code I ever wrote"
"The worst code I ever wrote"Tomas Doran
 
Test driven infrastructure development (2 - puppetconf 2013 edition)
Test driven infrastructure development (2 - puppetconf 2013 edition)Test driven infrastructure development (2 - puppetconf 2013 edition)
Test driven infrastructure development (2 - puppetconf 2013 edition)Tomas Doran
 
Test driven infrastructure development
Test driven infrastructure developmentTest driven infrastructure development
Test driven infrastructure developmentTomas Doran
 
London devops - orc
London devops - orcLondon devops - orc
London devops - orcTomas Doran
 
Webapp security testing
Webapp security testingWebapp security testing
Webapp security testingTomas Doran
 
Webapp security testing
Webapp security testingWebapp security testing
Webapp security testingTomas Doran
 
Dates aghhhh!!?!?!?!
Dates aghhhh!!?!?!?!Dates aghhhh!!?!?!?!
Dates aghhhh!!?!?!?!Tomas Doran
 
Cooking a rabbit pie
Cooking a rabbit pieCooking a rabbit pie
Cooking a rabbit pieTomas Doran
 
High scale flavour
High scale flavourHigh scale flavour
High scale flavourTomas Doran
 
Large platform architecture in (mostly) perl - an illustrated tour
Large platform architecture in (mostly) perl - an illustrated tourLarge platform architecture in (mostly) perl - an illustrated tour
Large platform architecture in (mostly) perl - an illustrated tourTomas Doran
 
Large platform architecture in (mostly) perl
Large platform architecture in (mostly) perlLarge platform architecture in (mostly) perl
Large platform architecture in (mostly) perlTomas Doran
 
Web frameworks don't matter
Web frameworks don't matterWeb frameworks don't matter
Web frameworks don't matterTomas Doran
 
Real time system_performance_mon
Real time system_performance_monReal time system_performance_mon
Real time system_performance_monTomas Doran
 

More from Tomas Doran (20)

Dockersh and a brief intro to the docker internals
Dockersh and a brief intro to the docker internalsDockersh and a brief intro to the docker internals
Dockersh and a brief intro to the docker internals
 
Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014Sensu and Sensibility - Puppetconf 2014
Sensu and Sensibility - Puppetconf 2014
 
Steamlining your puppet development workflow
Steamlining your puppet development workflowSteamlining your puppet development workflow
Steamlining your puppet development workflow
 
Building a smarter application stack - service discovery and wiring for Docker
Building a smarter application stack - service discovery and wiring for DockerBuilding a smarter application stack - service discovery and wiring for Docker
Building a smarter application stack - service discovery and wiring for Docker
 
Deploying puppet code at light speed
Deploying puppet code at light speedDeploying puppet code at light speed
Deploying puppet code at light speed
 
Thinking through puppet code layout
Thinking through puppet code layoutThinking through puppet code layout
Thinking through puppet code layout
 
Docker puppetcamp london 2013
Docker puppetcamp london 2013Docker puppetcamp london 2013
Docker puppetcamp london 2013
 
"The worst code I ever wrote"
"The worst code I ever wrote""The worst code I ever wrote"
"The worst code I ever wrote"
 
Test driven infrastructure development (2 - puppetconf 2013 edition)
Test driven infrastructure development (2 - puppetconf 2013 edition)Test driven infrastructure development (2 - puppetconf 2013 edition)
Test driven infrastructure development (2 - puppetconf 2013 edition)
 
Test driven infrastructure development
Test driven infrastructure developmentTest driven infrastructure development
Test driven infrastructure development
 
London devops - orc
London devops - orcLondon devops - orc
London devops - orc
 
Webapp security testing
Webapp security testingWebapp security testing
Webapp security testing
 
Webapp security testing
Webapp security testingWebapp security testing
Webapp security testing
 
Dates aghhhh!!?!?!?!
Dates aghhhh!!?!?!?!Dates aghhhh!!?!?!?!
Dates aghhhh!!?!?!?!
 
Cooking a rabbit pie
Cooking a rabbit pieCooking a rabbit pie
Cooking a rabbit pie
 
High scale flavour
High scale flavourHigh scale flavour
High scale flavour
 
Large platform architecture in (mostly) perl - an illustrated tour
Large platform architecture in (mostly) perl - an illustrated tourLarge platform architecture in (mostly) perl - an illustrated tour
Large platform architecture in (mostly) perl - an illustrated tour
 
Large platform architecture in (mostly) perl
Large platform architecture in (mostly) perlLarge platform architecture in (mostly) perl
Large platform architecture in (mostly) perl
 
Web frameworks don't matter
Web frameworks don't matterWeb frameworks don't matter
Web frameworks don't matter
 
Real time system_performance_mon
Real time system_performance_monReal time system_performance_mon
Real time system_performance_mon
 

London devops logging

Editor's Notes

  1. \n
  2. \n
  3. \n
  4. \n
  5. \n
  6. \n
  7. \n
  8. \n
  9. \n
  10. \n
  11. \n
  12. \n
  13. \n
  14. \n
  15. \n
  16. \n
  17. \n
  18. \n
  19. The last point here is most important - ZMQ networking works entirely in a background thread perl knows nothing about, which means that you can asynchronously ship messages with no changes to your existing codebase.\n
  20. The last point here is most important - ZMQ networking works entirely in a background thread perl knows nothing about, which means that you can asynchronously ship messages with no changes to your existing codebase.\n
  21. The last point here is most important - ZMQ networking works entirely in a background thread perl knows nothing about, which means that you can asynchronously ship messages with no changes to your existing codebase.\n
  22. The last point here is most important - ZMQ networking works entirely in a background thread perl knows nothing about, which means that you can asynchronously ship messages with no changes to your existing codebase.\n
  23. The last point here is most important - ZMQ networking works entirely in a background thread perl knows nothing about, which means that you can asynchronously ship messages with no changes to your existing codebase.\n
  24. The last point here is most important - ZMQ networking works entirely in a background thread perl knows nothing about, which means that you can asynchronously ship messages with no changes to your existing codebase.\n
  25. \n
  26. \n
  27. \n
  28. \n
  29. \n
  30. \n
  31. \n
  32. \n
  33. \n
  34. \n
  35. \n
  36. \n
  37. \n
  38. \n
  39. \n
  40. \n
  41. \n
  42. \n
  43. \n
  44. \n
  45. \n
  46. \n
  47. \n
  48. \n
  49. \n
  50. \n
  51. \n
  52. \n
  53. \n
  54. \n
  55. \n
  56. \n
  57. \n
  58. \n
  59. \n
  60. \n
  61. \n
  62. \n
  63. \n
  64. \n
  65. \n
  66. \n
  67. \n
  68. \n
  69. \n
  70. \n
  71. \n
  72. \n
  73. \n
  74. \n
  75. \n
  76. \n
  77. \n
  78. \n
  79. \n