Downloaded 10 times
![Example
input {
file {
path => "/var/log/demo/demo.log"
}
}
filter {
grok {
match => [ "message", "%{DATESTAMP} %{LOGLEVEL:log_level} %{GREEDYDATA}" ]
}
mutate {
add_field => {
"service" => "demo"
}
}
}
output {
elasticsearch {
host => mysearchserver
}
}](https://image.slidesharecdn.com/monitorallthethings1-150219133111-conversion-gate01/75/Monitor-all-the-things-Confoo-14-2048.jpg)
![Example
{
"message":"2015-02-01 21:31:02,076 INFO [dispatcher-29] awesome log",
"@version":"1",
"@timestamp":"2015-02-02T02:31:02.860Z",
"host":"mammouth",
"path":"/var/log/demo/demo.log",
"log_level":"INFO",
"service":"demo"
}](https://image.slidesharecdn.com/monitorallthethings1-150219133111-conversion-gate01/75/Monitor-all-the-things-Confoo-15-2048.jpg)
Monitor all the things - Confoo
- 1.
- 2. Call me Félix -Software Engineer - Independant - Code Java / Scala (mainly) - Build Distributed Systems - Organizer of Scala-Montreal Meetups
- 3.
- 4.
- 5. Facets - Logs - Metrics -Alerts - Traces
- 6.
- 7. Typically event basedand unstructured messages written to files.
- 8. Often the keyfor figuring out what happened.
- 9. - timestamp - severity -thread - source - clear complete message Tips
- 10. - single line* - log configuration - log state/event on error - avoid log flooding - local log rotation! Tips
- 11. Think about whatyou would like to know if it happens. Tips
- 12. In distributed systems, accessingall the log files can be painful.
- 13.
- 14. Example input { file { path=> "/var/log/demo/demo.log" } } filter { grok { match => [ "message", "%{DATESTAMP} %{LOGLEVEL:log_level} %{GREEDYDATA}" ] } mutate { add_field => { "service" => "demo" } } } output { elasticsearch { host => mysearchserver } }
- 15. Example { "message":"2015-02-01 21:31:02,076 INFO[dispatcher-29] awesome log", "@version":"1", "@timestamp":"2015-02-02T02:31:02.860Z", "host":"mammouth", "path":"/var/log/demo/demo.log", "log_level":"INFO", "service":"demo" }
- 17.
- 18.
- 19. Measurement points in thesystem.
- 20. - gauges - counters -histograms - meters - timers
- 21.
- 22. Tips - call persecond (for each endpoint) - call latency (for each endpoint) - downstream dependencies latency - limited resource size - cache - heap - thread pool - connection pool - error count/rate - unexpected conditions - feature metrics
- 23.
- 25.
- 26. Notification sent when thestate of a component is critical. (usually during the night)
- 27. Tips - simple triggers/checks -limit false positives - no false negatives - alert message should give some context
- 28. Tips For services: - healthchecks -test query - measure around alerts - log around alerts
- 29.
- 30.
- 31. A record ofthe paths a request took in the system.
- 32. Why is thisrequest slow?
- 33. Trace Aggregation - requestsampling - annotations logged locally - published ‘trace’ server - trace reconstruction - trace indexation - trace service UI
- 35.
- 36.
- 37. Store metrics. Use thegraphs and create a dashboard.
- 38. Services should publish theirhealth status.
- 39. Monitor metrics and healthstatus with simple checks to raise alerts on failure.
- 40. Build your services forproduction.
- 41. Contact and Links Félix-ÉtienneTrépanier Twitter - @felixtrepanier Github - @coderunner Links and References: https://github. com/coderunner/monitoring-references