Your SlideShare is downloading. ×
0
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Graylog2 (MongoBerlin/MongoHamburg 2010)
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Graylog2 (MongoBerlin/MongoHamburg 2010)

2,219

Published on

Published in: News & Politics
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,219
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
26
Comments
0
Likes
2
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Graylog2 – Syslog with Rails and MongoDB candy Manage your logs in the dark and have lasers going and make it look like you're from space Lennart Koopmann, 2010
  • 2. About me Lennart Koopmann 22 years old Living in Hamburg, working at Jimdo lennartkoopmann.net / @_lennart
  • 3. phpLogCon … let's not talk about that Graylog1: August 2009 Graylog2: August 2010
  • 4.  
  • 5. Syslog daemon (TCP/UDP)
  • 6. GELF (UDP)
  • 7. Graylog extended log format UDP - Max (GZIP) 8192 byte per message (Chunking is supported)
  • 8. { }
  • 9. { ' message ':'Exception: Something went wrong.' }
  • 10. { ' message ':'Exception: Something went wrong.', ' full_message ':'Stacktrace. Some env vars' }
  • 11. { ' message ':'Exception: Something went wrong.', ' full_message ':'Stacktrace. Some env vars', ' host ':'www19' }
  • 12. { ' message ':'Exception: Something went wrong.', ' full_message ':'Stacktrace. Some env vars', ' host ':'www19', ' file ':'/var/www/index.php' }
  • 13. { ' message ':'Exception: Something went wrong.', ' full_message ':'Stacktrace. Some env vars', ' host ':'www19', ' file ':'/var/www/index.php', ' line ':2638 }
  • 14. { ' message ':'Exception: Something went wrong.', ' full_message ':'Stacktrace. Some env vars', ' host ':'www19', ' file ':'/var/www/index.php', ' line ':2638, ' level ':1 }
  • 15. Chunking
  • 16. Use Cases
  • 17. Plain syslog Collect everything of your /var/log from all servers, aggregate, analyze and get a warning if something goes wrong
  • 18. GELF Embed it into the logging class of your application and trigger with every error. Include stacktrace and env vars in full message. Later filter by file:line to get statistics.
  • 19. Aggregate, analyze and get a warning if something goes wrong
  • 20. Notifications Currently only Nagios hook (rake task) – Triggered at too many messages in last X minutes Fine grained notifications coming with incident management. (Email, SMS APIs, XMPP)
  • 21. Average page generation time Graylog1 / MySQL: ~12000ms
  • 22. Average page generation time Graylog1 / MySQL: ~12000ms Graylog2 / MongoDB: ~250ms
  • 23. Roadmap
  • 24. Incident management
  • 25. Define chained rules that explain an incident. Trigger several actions when incident occurs.
  • 26. Fine grained notifications
  • 27. Be informed via Email, XMPP, SMS by Graylog2 directly without Nagios hook
  • 28. More analyzing
  • 29. Thank you. www.graylog2.org / @Graylog2 www.lennartkoopmann.net / @_lennart (Slides are on Slideshare)

×