SlideShare a Scribd company logo

[131] packetbeat과 elasticsearch

NAVER D2
NAVER D2

DEVIEW 2015 DAY1. packetbeat과 elasticsearch

Technology
1 of 60
Download to read offline
Get real-time insights from your application with Packetbeat & Elasticsearch
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 2 This presentation contains • Lots of JSON objects • Pictures of cows, elks and musical instruments • A bit of Go code • Anomaly detection via moving averages
www.elastic.co 3 Tudor Golubenco twitter.com/tudor_g github.com/tsg I am
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 4 I work for
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 5 the company behind Elasticsearch Logstash Kibana
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 6 also known as the ELK stack Photo  credit:  https://www.flickr.com/photos/lsmith2010/8215026548
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 7 Distributed from day 1 Logstash 1.5 release party
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 8 Open source culture Image  credit:  https://www.flickr.com/photos/tappnel/5798812875 • We live in GitHub • We talk Pull Requests • Conferences • Community • Blog posts
www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 9 That’s not all Found Beats Watcher ShieldMarvel ES  for  Hadoop
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 10 Started an open source project Packetbeat
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 11 We wanted to do better monitoring and troubleshooting for distributed systems
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 12 Idea look at the communication between services
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 13 Capture network packets • Passively listen to network packets • Works on a copy of the traffic • It doesn’t add latency • It cannot break your application Image  credit:  https://www.flickr.com/photos/bigdrumthump/3223280727
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 14 Packet capturing 1.  Using  port  mirroring 2.  As  an  “agent”
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 15 Sniffing from a technical PoV • libpcap (tcpdump), supports all Unix like systems • Winpcap, supports Windows • For Go, gopacket provides bindings and more • High speed API for packet capturing on Linux: af_packet Image  credit:  https://www.flickr.com/photos/57881779@N04/7930362242/
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 16 Decoding
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 17 Matching requests and responses • Pipelining complicates matching the requests with the responses.
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 18 Create a JSON object for each request-response pair
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 19 SQL example
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 20 Memcache example
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 21 DNS example
www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 22 • Control information: IP addresses, TCP/ UDP ports • Request type: HTTP method, SQL query, RPC function • Request data: form parameters, payload • Response data: status code, error message, payload • Timing data: timestamp of the request, latency Packet data
www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 23 Packetbeat: Overview
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 24 There’s more to apps than packets Packetbeat   Listens  to  the  “beat”  of   the  network  packets. Topbeat   Listens  to  the  “beat”  of   the  operating  system   metrics. Image  credits:   https://www.flickr.com/photos/7147684@N03/921738874/   https://www.flickr.com/photos/bigdrumthump/3223280727   https://www.flickr.com/photos/jadeashleyphotography/6584949945/   https://www.flickr.com/photos/mitosettembremusica/2839965900/   Filebeat   Listens  to  the  “beat”  of   logs. Metricsbeat   Listens  to  the  internal   “beat”  of  systems  via   APIs.
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 25 Topbeat • Like the Unix top command but sending the data periodically to Elasticsearch • Works also on Windows
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 26 Topbeat system wide and per process stats CPU  “steal”  time Total  /  used  /  free   memory CPU  stats Per  process  stats CPU  time     consumed Process  pid,  name,   parent  pid,  etc. Memory  used
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 27 Topbeat output objects File  system  stats Mount  point Device  name Total,  used,  free   disk  space
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 28 Filebeat • Do one thing well: • Send log files to Logstash & Elasticsearch • Light on consumed resources • Easy to deploy on multiple platforms • A “Beat” based on the Logstash-Forwarder source code
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 29 Beats have libbeat in common • Go library • Provides common things for all Beats: • logging, service handling, configuration file handling, CLI flags • Outputs and filters Dev  guide  for  creating  a  new  Beat:  https://www.elastic.co/guide/en/beats/libbeat/current/index.html
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 30 Deployment: directly to ES • Option 1: Insert directly into Elasticsearch via the bulk API • Security can be provided via Shield and HTTPs
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 31 Deployment: Send to Logstash • Option 2: Insert via Logstash • Uses the Lumberjack protocol which offers security • Gives the opportunity of enriching or modifying the data
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 32 Getting insights from the data • Elasticsearch aggregations • Split the data into buckets • Apply a function over the data • Freely combine them by nesting • Work with multiple shards
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 33 Date histogram •Splits data in buckets of time
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 34 Date histogram response
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 35 Percentiles aggregation 95th percentile value means that 95% of the values are smaller than it
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 36 Percentile aggregation response
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 37 Percentile aggregation •Approximate values •T-digests algorithm by Ted Dunning •Accurate for small sets of values •More accurate for extreme percentiles
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 38 Date histogram nested with percentiles
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 39 Date histogram with nested percentiles
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 40 Result
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 41 Kibana config
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 42 Latency histogram
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 43 Histogram by response time • Splits data in buckets by response time • [0-10ms), [10ms-20ms), …
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 44 Histogram by response time
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 45 Add a date histogram
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 46 Response times repartition
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 47 Kibana config
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 48 Slowest RPC methods •Combines terms and percentiles aggregations
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 49 Terms aggregation • Buckets are dynamically built: one per unique value • By default: top 10 by document count • Approximate because each shard can have a different
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 50 Order by 99th percentile
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 51 Kibana config
www.elastic.co 52 • New in Elasticsearch 2.0 (currently in beta) • Work on the results of other aggregations Pipeline aggregations
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 53 Derivative aggregation • Metric constantly growing • Take first order derivate to see the speed of growth
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 54 Simple moving average • [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] • with a window size of 5: • (1 + 2 + 3 + 4 + 5) / 5 = 3 • (2 + 3 + 4 + 5 + 6) / 5 = 4 • (3 + 4 + 5 + 6 + 7) / 5 = 5 • etc.
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 55 Exponentially weighted moving average • Older values become exponentially less important
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 56 Moving average - dynamic thresholds • yellow - measured values • purple - moving average (ewma) • green - threshold, mean + (3 * standard deviation)
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 57 Request Extended  stats  agg  for   mean  and  std   deviation Moving  averages   aggs  for  mean  and   std Bucket  script  agg Details:  https://www.elastic.co/blog/staying-­‐in-­‐control-­‐with-­‐moving-­‐averages-­‐part-­‐1
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 58 Cyclic trends - anomalies • EWMA lags behind too much • The values constantly hit the threshold
www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 59 Cyclic trends - anomalies • Holt-Winters (triple exponential) model works better for seasonal data • Requires two periods to bootstrap the algorithm
www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 60 Thanks • https://discuss.elastic.co/c/beats • Twitter: @tudor_g • We have stickers!

Recommended

[123] quality without qa
[123] quality without qa[123] quality without qa
[123] quality without qaNAVER D2
 
10+ Deploys Per Day: Dev and Ops Cooperation at Flickr
10+ Deploys Per Day: Dev and Ops Cooperation at Flickr10+ Deploys Per Day: Dev and Ops Cooperation at Flickr
10+ Deploys Per Day: Dev and Ops Cooperation at FlickrJohn Allspaw
 
Cypress e2e automation testing - day1 intor by: Hassan Hameed
Cypress e2e automation testing - day1 intor by: Hassan HameedCypress e2e automation testing - day1 intor by: Hassan Hameed
Cypress e2e automation testing - day1 intor by: Hassan HameedHassan Muhammad
 
Release the Monkeys ! Testing in the Wild at Netflix
Release the Monkeys ! Testing in the Wild at NetflixRelease the Monkeys ! Testing in the Wild at Netflix
Release the Monkeys ! Testing in the Wild at NetflixGareth Bowles
 
Continuous Integration, the minimum viable product
Continuous Integration, the minimum viable productContinuous Integration, the minimum viable product
Continuous Integration, the minimum viable productJulian Simpson
 
Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...
Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...
Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...Peter Leschev
 
Cypress Automation
Cypress AutomationCypress Automation
Cypress AutomationSusantha Pathirana
 
Async webdriverjs
Async webdriverjsAsync webdriverjs
Async webdriverjsManoj Kumar Kumar
 

Recommended

[123] quality without qa
[123] quality without qa[123] quality without qa
[123] quality without qaNAVER D2
 
10+ Deploys Per Day: Dev and Ops Cooperation at Flickr
10+ Deploys Per Day: Dev and Ops Cooperation at Flickr10+ Deploys Per Day: Dev and Ops Cooperation at Flickr
10+ Deploys Per Day: Dev and Ops Cooperation at FlickrJohn Allspaw
 
Cypress e2e automation testing - day1 intor by: Hassan Hameed
Cypress e2e automation testing - day1 intor by: Hassan HameedCypress e2e automation testing - day1 intor by: Hassan Hameed
Cypress e2e automation testing - day1 intor by: Hassan HameedHassan Muhammad
 
Release the Monkeys ! Testing in the Wild at Netflix
Release the Monkeys ! Testing in the Wild at NetflixRelease the Monkeys ! Testing in the Wild at Netflix
Release the Monkeys ! Testing in the Wild at NetflixGareth Bowles
 
Continuous Integration, the minimum viable product
Continuous Integration, the minimum viable productContinuous Integration, the minimum viable product
Continuous Integration, the minimum viable productJulian Simpson
 
Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...
Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...
Puppet Camp Melbourne Nov 2014 - A Build Engineering Team’s Journey of Infras...Peter Leschev
 
Cypress Automation
Cypress AutomationCypress Automation
Cypress AutomationSusantha Pathirana
 
Async webdriverjs
Async webdriverjsAsync webdriverjs
Async webdriverjsManoj Kumar Kumar
 
Configuration As Code - Adoption of the Job DSL Plugin at Netflix
Configuration As Code - Adoption of the Job DSL Plugin at NetflixConfiguration As Code - Adoption of the Job DSL Plugin at Netflix
Configuration As Code - Adoption of the Job DSL Plugin at NetflixJustin Ryan
 
Creating airplane mode proof (Xamarin) applications
Creating airplane mode proof (Xamarin) applicationsCreating airplane mode proof (Xamarin) applications
Creating airplane mode proof (Xamarin) applicationsGerald Versluis
 
Selenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineSelenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineJustin Ison
 
Selenoid & Allure - how to make them work together?
Selenoid & Allure - how to make them work together?Selenoid & Allure - how to make them work together?
Selenoid & Allure - how to make them work together?Michał Ślęzak
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency RealitiesMike Subelsky
 
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortalSpeed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortalDanylo Kuvshynov
 
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.jsCome Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.jsEric Nograles
 
Moving From a Selenium Grid to the Cloud - A Real Life Story
Moving From a Selenium Grid to the Cloud - A Real Life StoryMoving From a Selenium Grid to the Cloud - A Real Life Story
Moving From a Selenium Grid to the Cloud - A Real Life StorySauce Labs
 
QA Challenge Accepted 4.0 - Cypress vs. Selenium
QA Challenge Accepted 4.0 - Cypress vs. SeleniumQA Challenge Accepted 4.0 - Cypress vs. Selenium
QA Challenge Accepted 4.0 - Cypress vs. SeleniumLyudmil Latinov
 
Continuous Deployment at Etsy: A Tale of Two Approaches
Continuous Deployment at Etsy: A Tale of Two ApproachesContinuous Deployment at Etsy: A Tale of Two Approaches
Continuous Deployment at Etsy: A Tale of Two ApproachesRoss Snyder
 
LONDON SDET MEETUP - Difference between Selenium and Cypress presentation
LONDON SDET MEETUP - Difference between Selenium and Cypress presentationLONDON SDET MEETUP - Difference between Selenium and Cypress presentation
LONDON SDET MEETUP - Difference between Selenium and Cypress presentationSriram Angajala
 
Journey through the ML model deployment to production @DSC5
Journey through the ML model deployment to production @DSC5Journey through the ML model deployment to production @DSC5
Journey through the ML model deployment to production @DSC5SmartCat
 
Journey through the ML model deployment to production by Stanko Kuveljic
Journey through the ML model deployment to production by Stanko KuveljicJourney through the ML model deployment to production by Stanko Kuveljic
Journey through the ML model deployment to production by Stanko KuveljicSmartCat
 
Tips for better CI on Android
Tips for better CI on AndroidTips for better CI on Android
Tips for better CI on AndroidTomoaki Imai
 
Selenium Automation at Incapsula
Selenium Automation at IncapsulaSelenium Automation at Incapsula
Selenium Automation at Incapsulaadamcarmi
 
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...Badoo
 
Selenium practical
Selenium practicalSelenium practical
Selenium practicalRuslan Strazhnyk
 
Speed = $$$
Speed = $$$Speed = $$$
Speed = $$$Peter Gfader
 
Atlassian Roadshow 2016 - DevOps Session
Atlassian Roadshow 2016 - DevOps SessionAtlassian Roadshow 2016 - DevOps Session
Atlassian Roadshow 2016 - DevOps SessionSourcesense
 
Continuous deployment-at-flipkart
Continuous deployment-at-flipkartContinuous deployment-at-flipkart
Continuous deployment-at-flipkartPankaj Kaushal
 
[114] DRC hubo technical review
[114] DRC hubo technical review[114] DRC hubo technical review
[114] DRC hubo technical reviewNAVER D2
 
[113] lessons from realm
[113] lessons from realm[113] lessons from realm
[113] lessons from realmNAVER D2
 

More Related Content

What's hot

Configuration As Code - Adoption of the Job DSL Plugin at Netflix
Configuration As Code - Adoption of the Job DSL Plugin at NetflixConfiguration As Code - Adoption of the Job DSL Plugin at Netflix
Configuration As Code - Adoption of the Job DSL Plugin at NetflixJustin Ryan
 
Creating airplane mode proof (Xamarin) applications
Creating airplane mode proof (Xamarin) applicationsCreating airplane mode proof (Xamarin) applications
Creating airplane mode proof (Xamarin) applicationsGerald Versluis
 
Selenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineSelenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineJustin Ison
 
Selenoid & Allure - how to make them work together?
Selenoid & Allure - how to make them work together?Selenoid & Allure - how to make them work together?
Selenoid & Allure - how to make them work together?Michał Ślęzak
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency RealitiesMike Subelsky
 
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortalSpeed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortalDanylo Kuvshynov
 
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.jsCome Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.jsEric Nograles
 
Moving From a Selenium Grid to the Cloud - A Real Life Story
Moving From a Selenium Grid to the Cloud - A Real Life StoryMoving From a Selenium Grid to the Cloud - A Real Life Story
Moving From a Selenium Grid to the Cloud - A Real Life StorySauce Labs
 
QA Challenge Accepted 4.0 - Cypress vs. Selenium
QA Challenge Accepted 4.0 - Cypress vs. SeleniumQA Challenge Accepted 4.0 - Cypress vs. Selenium
QA Challenge Accepted 4.0 - Cypress vs. SeleniumLyudmil Latinov
 
Continuous Deployment at Etsy: A Tale of Two Approaches
Continuous Deployment at Etsy: A Tale of Two ApproachesContinuous Deployment at Etsy: A Tale of Two Approaches
Continuous Deployment at Etsy: A Tale of Two ApproachesRoss Snyder
 
LONDON SDET MEETUP - Difference between Selenium and Cypress presentation
LONDON SDET MEETUP - Difference between Selenium and Cypress presentationLONDON SDET MEETUP - Difference between Selenium and Cypress presentation
LONDON SDET MEETUP - Difference between Selenium and Cypress presentationSriram Angajala
 
Journey through the ML model deployment to production @DSC5
Journey through the ML model deployment to production @DSC5Journey through the ML model deployment to production @DSC5
Journey through the ML model deployment to production @DSC5SmartCat
 
Journey through the ML model deployment to production by Stanko Kuveljic
Journey through the ML model deployment to production by Stanko KuveljicJourney through the ML model deployment to production by Stanko Kuveljic
Journey through the ML model deployment to production by Stanko KuveljicSmartCat
 
Tips for better CI on Android
Tips for better CI on AndroidTips for better CI on Android
Tips for better CI on AndroidTomoaki Imai
 
Selenium Automation at Incapsula
Selenium Automation at IncapsulaSelenium Automation at Incapsula
Selenium Automation at Incapsulaadamcarmi
 
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...Badoo
 
Atlassian Roadshow 2016 - DevOps Session
Atlassian Roadshow 2016 - DevOps SessionAtlassian Roadshow 2016 - DevOps Session
Atlassian Roadshow 2016 - DevOps SessionSourcesense
 
Continuous deployment-at-flipkart
Continuous deployment-at-flipkartContinuous deployment-at-flipkart
Continuous deployment-at-flipkartPankaj Kaushal
 

What's hot (20)

Configuration As Code - Adoption of the Job DSL Plugin at Netflix
Configuration As Code - Adoption of the Job DSL Plugin at NetflixConfiguration As Code - Adoption of the Job DSL Plugin at Netflix
Configuration As Code - Adoption of the Job DSL Plugin at Netflix
 
Creating airplane mode proof (Xamarin) applications
Creating airplane mode proof (Xamarin) applicationsCreating airplane mode proof (Xamarin) applications
Creating airplane mode proof (Xamarin) applications
 
Selenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineSelenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, Ukraine
 
Selenoid & Allure - how to make them work together?
Selenoid & Allure - how to make them work together?Selenoid & Allure - how to make them work together?
Selenoid & Allure - how to make them work together?
 
Ruby Concurrency Realities
Ruby Concurrency RealitiesRuby Concurrency Realities
Ruby Concurrency Realities
 
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortalSpeed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
Speed up your regression and reduce cost load with Selenoid + K8s + ReportPortal
 
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.jsCome Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
Come Sail Away With Me (you guys): Node.js MVC Web API's Using Sails.js
 
Moving From a Selenium Grid to the Cloud - A Real Life Story
Moving From a Selenium Grid to the Cloud - A Real Life StoryMoving From a Selenium Grid to the Cloud - A Real Life Story
Moving From a Selenium Grid to the Cloud - A Real Life Story
 
QA Challenge Accepted 4.0 - Cypress vs. Selenium
QA Challenge Accepted 4.0 - Cypress vs. SeleniumQA Challenge Accepted 4.0 - Cypress vs. Selenium
QA Challenge Accepted 4.0 - Cypress vs. Selenium
 
Continuous Deployment at Etsy: A Tale of Two Approaches
Continuous Deployment at Etsy: A Tale of Two ApproachesContinuous Deployment at Etsy: A Tale of Two Approaches
Continuous Deployment at Etsy: A Tale of Two Approaches
 
LONDON SDET MEETUP - Difference between Selenium and Cypress presentation
LONDON SDET MEETUP - Difference between Selenium and Cypress presentationLONDON SDET MEETUP - Difference between Selenium and Cypress presentation
LONDON SDET MEETUP - Difference between Selenium and Cypress presentation
 
Journey through the ML model deployment to production @DSC5
Journey through the ML model deployment to production @DSC5Journey through the ML model deployment to production @DSC5
Journey through the ML model deployment to production @DSC5
 
Journey through the ML model deployment to production by Stanko Kuveljic
Journey through the ML model deployment to production by Stanko KuveljicJourney through the ML model deployment to production by Stanko Kuveljic
Journey through the ML model deployment to production by Stanko Kuveljic
 
Tips for better CI on Android
Tips for better CI on AndroidTips for better CI on Android
Tips for better CI on Android
 
Selenium Automation at Incapsula
Selenium Automation at IncapsulaSelenium Automation at Incapsula
Selenium Automation at Incapsula
 
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
iOS Parallel Automation: run faster than fast — Viktar Karanevich — SeleniumC...
 
Selenium practical
Selenium practicalSelenium practical
Selenium practical
 
Speed = $$$
Speed = $$$Speed = $$$
Speed = $$$
 
Atlassian Roadshow 2016 - DevOps Session
Atlassian Roadshow 2016 - DevOps SessionAtlassian Roadshow 2016 - DevOps Session
Atlassian Roadshow 2016 - DevOps Session
 
Continuous deployment-at-flipkart
Continuous deployment-at-flipkartContinuous deployment-at-flipkart
Continuous deployment-at-flipkart
 

Viewers also liked

[114] DRC hubo technical review
[114] DRC hubo technical review[114] DRC hubo technical review
[114] DRC hubo technical reviewNAVER D2
 
[113] lessons from realm
[113] lessons from realm[113] lessons from realm
[113] lessons from realmNAVER D2
 
[142] how riot works
[142] how riot works[142] how riot works
[142] how riot worksNAVER D2
 
[112] 실전 스위프트 프로그래밍
[112] 실전 스위프트 프로그래밍[112] 실전 스위프트 프로그래밍
[112] 실전 스위프트 프로그래밍NAVER D2
 
[161] 데이터사이언스팀 빌딩
[161] 데이터사이언스팀 빌딩[161] 데이터사이언스팀 빌딩
[161] 데이터사이언스팀 빌딩NAVER D2
 
[153] apache reef
[153] apache reef[153] apache reef
[153] apache reefNAVER D2
 
[133] 브라우저는 vsync를 어떻게 활용하고 있을까
[133] 브라우저는 vsync를 어떻게 활용하고 있을까[133] 브라우저는 vsync를 어떻게 활용하고 있을까
[133] 브라우저는 vsync를 어떻게 활용하고 있을까NAVER D2
 
[162] jpa와 모던 자바 데이터 저장 기술
[162] jpa와 모던 자바 데이터 저장 기술[162] jpa와 모던 자바 데이터 저장 기술
[162] jpa와 모던 자바 데이터 저장 기술NAVER D2
 
[141] react everywhere
[141] react everywhere[141] react everywhere
[141] react everywhereNAVER D2
 
[152] 웹브라우저 감옥에서 살아남기
[152] 웹브라우저 감옥에서 살아남기[152] 웹브라우저 감옥에서 살아남기
[152] 웹브라우저 감옥에서 살아남기NAVER D2
 
[121]네이버 효과툰 구현 이야기
[121]네이버 효과툰 구현 이야기[121]네이버 효과툰 구현 이야기
[121]네이버 효과툰 구현 이야기NAVER D2
 
[124] mit cheetah 로봇의 탄생
[124] mit cheetah 로봇의 탄생[124] mit cheetah 로봇의 탄생
[124] mit cheetah 로봇의 탄생NAVER D2
 
[132] rust
[132] rust[132] rust
[132] rustNAVER D2
 
[164] pinpoint
[164] pinpoint[164] pinpoint
[164] pinpointNAVER D2
 
[122] line on apple watch
[122] line on apple watch[122] line on apple watch
[122] line on apple watchNAVER D2
 
[111] 네이버효과툰어떻게만들어졌나
[111] 네이버효과툰어떻게만들어졌나[111] 네이버효과툰어떻게만들어졌나
[111] 네이버효과툰어떻게만들어졌나NAVER D2
 
[154] 데이터 센터의 오픈 소스 open compute project (ocp)
[154] 데이터 센터의 오픈 소스 open compute project (ocp)[154] 데이터 센터의 오픈 소스 open compute project (ocp)
[154] 데이터 센터의 오픈 소스 open compute project (ocp)NAVER D2
 
[143] 모바일 혈액진단기기 개발 삽질기
[143] 모바일 혈액진단기기 개발 삽질기[143] 모바일 혈액진단기기 개발 삽질기
[143] 모바일 혈액진단기기 개발 삽질기NAVER D2
 
[144]mobile앱에서 효율적인 storage 접근 방법
[144]mobile앱에서 효율적인 storage 접근 방법[144]mobile앱에서 효율적인 storage 접근 방법
[144]mobile앱에서 효율적인 storage 접근 방법NAVER D2
 
[134] immersive sound vr
[134] immersive sound vr[134] immersive sound vr
[134] immersive sound vrNAVER D2
 

Viewers also liked (20)

[114] DRC hubo technical review
[114] DRC hubo technical review[114] DRC hubo technical review
[114] DRC hubo technical review
 
[113] lessons from realm
[113] lessons from realm[113] lessons from realm
[113] lessons from realm
 
[142] how riot works
[142] how riot works[142] how riot works
[142] how riot works
 
[112] 실전 스위프트 프로그래밍
[112] 실전 스위프트 프로그래밍[112] 실전 스위프트 프로그래밍
[112] 실전 스위프트 프로그래밍
 
[161] 데이터사이언스팀 빌딩
[161] 데이터사이언스팀 빌딩[161] 데이터사이언스팀 빌딩
[161] 데이터사이언스팀 빌딩
 
[153] apache reef
[153] apache reef[153] apache reef
[153] apache reef
 
[133] 브라우저는 vsync를 어떻게 활용하고 있을까
[133] 브라우저는 vsync를 어떻게 활용하고 있을까[133] 브라우저는 vsync를 어떻게 활용하고 있을까
[133] 브라우저는 vsync를 어떻게 활용하고 있을까
 
[162] jpa와 모던 자바 데이터 저장 기술
[162] jpa와 모던 자바 데이터 저장 기술[162] jpa와 모던 자바 데이터 저장 기술
[162] jpa와 모던 자바 데이터 저장 기술
 
[141] react everywhere
[141] react everywhere[141] react everywhere
[141] react everywhere
 
[152] 웹브라우저 감옥에서 살아남기
[152] 웹브라우저 감옥에서 살아남기[152] 웹브라우저 감옥에서 살아남기
[152] 웹브라우저 감옥에서 살아남기
 
[121]네이버 효과툰 구현 이야기
[121]네이버 효과툰 구현 이야기[121]네이버 효과툰 구현 이야기
[121]네이버 효과툰 구현 이야기
 
[124] mit cheetah 로봇의 탄생
[124] mit cheetah 로봇의 탄생[124] mit cheetah 로봇의 탄생
[124] mit cheetah 로봇의 탄생
 
[132] rust
[132] rust[132] rust
[132] rust
 
[164] pinpoint
[164] pinpoint[164] pinpoint
[164] pinpoint
 
[122] line on apple watch
[122] line on apple watch[122] line on apple watch
[122] line on apple watch
 
[111] 네이버효과툰어떻게만들어졌나
[111] 네이버효과툰어떻게만들어졌나[111] 네이버효과툰어떻게만들어졌나
[111] 네이버효과툰어떻게만들어졌나
 
[154] 데이터 센터의 오픈 소스 open compute project (ocp)
[154] 데이터 센터의 오픈 소스 open compute project (ocp)[154] 데이터 센터의 오픈 소스 open compute project (ocp)
[154] 데이터 센터의 오픈 소스 open compute project (ocp)
 
[143] 모바일 혈액진단기기 개발 삽질기
[143] 모바일 혈액진단기기 개발 삽질기[143] 모바일 혈액진단기기 개발 삽질기
[143] 모바일 혈액진단기기 개발 삽질기
 
[144]mobile앱에서 효율적인 storage 접근 방법
[144]mobile앱에서 효율적인 storage 접근 방법[144]mobile앱에서 효율적인 storage 접근 방법
[144]mobile앱에서 효율적인 storage 접근 방법
 
[134] immersive sound vr
[134] immersive sound vr[134] immersive sound vr
[134] immersive sound vr
 

Similar to [131] packetbeat과 elasticsearch

Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUESAdversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUESEMERSON EDUARDO RODRIGUES
 
Migrating to Git: Rethinking the Commit
Migrating to Git: Rethinking the CommitMigrating to Git: Rethinking the Commit
Migrating to Git: Rethinking the CommitKim Moir
 
Using Blockchain to Increase Supply Chain Transparency
Using Blockchain to Increase Supply Chain TransparencyUsing Blockchain to Increase Supply Chain Transparency
Using Blockchain to Increase Supply Chain TransparencyHorea Porutiu
 
Design for Scale / Surge 2010
Design for Scale / Surge 2010Design for Scale / Surge 2010
Design for Scale / Surge 2010Christopher Brown
 
Kubernetes and container security
Kubernetes and container securityKubernetes and container security
Kubernetes and container securityVolodymyr Shynkar
 
I can be apple and so can you
I can be apple and so can youI can be apple and so can you
I can be apple and so can youShakacon
 
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)Elasticsearch
 
Observability with Spring-based distributed systems
Observability with Spring-based distributed systemsObservability with Spring-based distributed systems
Observability with Spring-based distributed systemsTommy Ludwig
 
Hyperleger Fabric Workshop - Denver Blockchain Week
Hyperleger Fabric Workshop - Denver Blockchain WeekHyperleger Fabric Workshop - Denver Blockchain Week
Hyperleger Fabric Workshop - Denver Blockchain WeekHorea Porutiu
 
Introduction to Git, DrupalCamp LA 2015
Introduction to Git, DrupalCamp LA 2015Introduction to Git, DrupalCamp LA 2015
Introduction to Git, DrupalCamp LA 2015mwrather
 
SharePoint Authorization and Authentication-Controlling Access to Documents a...
SharePoint Authorization and Authentication-Controlling Access to Documents a...SharePoint Authorization and Authentication-Controlling Access to Documents a...
SharePoint Authorization and Authentication-Controlling Access to Documents a...Tom Resing
 
Javaone 2016 - Operational Excellence with Hystrix
Javaone 2016 - Operational Excellence with HystrixJavaone 2016 - Operational Excellence with Hystrix
Javaone 2016 - Operational Excellence with HystrixBilly Yuen
 
JavaOne 2014: Next Step in Automation: Elastic Build Environment
JavaOne 2014: Next Step in Automation: Elastic Build EnvironmentJavaOne 2014: Next Step in Automation: Elastic Build Environment
JavaOne 2014: Next Step in Automation: Elastic Build EnvironmentKohsuke Kawaguchi
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014Amazon Web Services
 
Have you been stalking your servers?
Have you been stalking your servers?Have you been stalking your servers?
Have you been stalking your servers?morpht
 
Using Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the CloudUsing Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the CloudJesse Robbins
 
Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015
Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015
Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015NoSQLmatters
 
Continuously Integrating Puppet
Continuously Integrating PuppetContinuously Integrating Puppet
Continuously Integrating PuppetPuppet
 

Similar to [131] packetbeat과 elasticsearch (20)

Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUESAdversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
Adversary Emulation and Cracking The Bridge – Overview EMERSON EDUARDO RODRIGUES
 
Migrating to Git: Rethinking the Commit
Migrating to Git: Rethinking the CommitMigrating to Git: Rethinking the Commit
Migrating to Git: Rethinking the Commit
 
Using Blockchain to Increase Supply Chain Transparency
Using Blockchain to Increase Supply Chain TransparencyUsing Blockchain to Increase Supply Chain Transparency
Using Blockchain to Increase Supply Chain Transparency
 
Design for Scale / Surge 2010
Design for Scale / Surge 2010Design for Scale / Surge 2010
Design for Scale / Surge 2010
 
Kubernetes and container security
Kubernetes and container securityKubernetes and container security
Kubernetes and container security
 
MLSEC 2020
MLSEC 2020MLSEC 2020
MLSEC 2020
 
I can be apple and so can you
I can be apple and so can youI can be apple and so can you
I can be apple and so can you
 
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)
Replicate Elasticsearch Data with Cross-Cluster Replication (CCR)
 
Observability with Spring-based distributed systems
Observability with Spring-based distributed systemsObservability with Spring-based distributed systems
Observability with Spring-based distributed systems
 
Hyperleger Fabric Workshop - Denver Blockchain Week
Hyperleger Fabric Workshop - Denver Blockchain WeekHyperleger Fabric Workshop - Denver Blockchain Week
Hyperleger Fabric Workshop - Denver Blockchain Week
 
Introduction to Git, DrupalCamp LA 2015
Introduction to Git, DrupalCamp LA 2015Introduction to Git, DrupalCamp LA 2015
Introduction to Git, DrupalCamp LA 2015
 
SharePoint Authorization and Authentication-Controlling Access to Documents a...
SharePoint Authorization and Authentication-Controlling Access to Documents a...SharePoint Authorization and Authentication-Controlling Access to Documents a...
SharePoint Authorization and Authentication-Controlling Access to Documents a...
 
Javaone 2016 - Operational Excellence with Hystrix
Javaone 2016 - Operational Excellence with HystrixJavaone 2016 - Operational Excellence with Hystrix
Javaone 2016 - Operational Excellence with Hystrix
 
JavaOne 2014: Next Step in Automation: Elastic Build Environment
JavaOne 2014: Next Step in Automation: Elastic Build EnvironmentJavaOne 2014: Next Step in Automation: Elastic Build Environment
JavaOne 2014: Next Step in Automation: Elastic Build Environment
 
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
(WEB301) Operational Web Log Analysis | AWS re:Invent 2014
 
Have you been stalking your servers?
Have you been stalking your servers?Have you been stalking your servers?
Have you been stalking your servers?
 
Using Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the CloudUsing Chef for Automated Infrastructure in the Cloud
Using Chef for Automated Infrastructure in the Cloud
 
Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015
Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015
Mark Harwood - Building Entity Centric Indexes - NoSQL matters Dublin 2015
 
Cinder Updates - Liberty Edition
Cinder Updates - Liberty Edition Cinder Updates - Liberty Edition
Cinder Updates - Liberty Edition
 
Continuously Integrating Puppet
Continuously Integrating PuppetContinuously Integrating Puppet
Continuously Integrating Puppet
 

More from NAVER D2

[211] 인공지능이 인공지능 챗봇을 만든다
[211] 인공지능이 인공지능 챗봇을 만든다[211] 인공지능이 인공지능 챗봇을 만든다
[211] 인공지능이 인공지능 챗봇을 만든다NAVER D2
 
[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...
[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...
[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...NAVER D2
 
[215] Druid로 쉽고 빠르게 데이터 분석하기
[215] Druid로 쉽고 빠르게 데이터 분석하기[215] Druid로 쉽고 빠르게 데이터 분석하기
[215] Druid로 쉽고 빠르게 데이터 분석하기NAVER D2
 
[245]Papago Internals: 모델분석과 응용기술 개발
[245]Papago Internals: 모델분석과 응용기술 개발[245]Papago Internals: 모델분석과 응용기술 개발
[245]Papago Internals: 모델분석과 응용기술 개발NAVER D2
 
[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈
[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈
[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈NAVER D2
 
[235]Wikipedia-scale Q&A
[235]Wikipedia-scale Q&A[235]Wikipedia-scale Q&A
[235]Wikipedia-scale Q&ANAVER D2
 
[244]로봇이 현실 세계에 대해 학습하도록 만들기
[244]로봇이 현실 세계에 대해 학습하도록 만들기[244]로봇이 현실 세계에 대해 학습하도록 만들기
[244]로봇이 현실 세계에 대해 학습하도록 만들기NAVER D2
 
[243] Deep Learning to help student’s Deep Learning
[243] Deep Learning to help student’s Deep Learning[243] Deep Learning to help student’s Deep Learning
[243] Deep Learning to help student’s Deep LearningNAVER D2
 
[234]Fast & Accurate Data Annotation Pipeline for AI applications
[234]Fast & Accurate Data Annotation Pipeline for AI applications[234]Fast & Accurate Data Annotation Pipeline for AI applications
[234]Fast & Accurate Data Annotation Pipeline for AI applicationsNAVER D2
 
Old version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing
Old version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load BalancingOld version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing
Old version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load BalancingNAVER D2
 
[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지
[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지
[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지NAVER D2
 
[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기
[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기
[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기NAVER D2
 
[224]네이버 검색과 개인화
[224]네이버 검색과 개인화[224]네이버 검색과 개인화
[224]네이버 검색과 개인화NAVER D2
 
[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)
[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)
[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)NAVER D2
 
[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기
[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기
[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기NAVER D2
 
[213] Fashion Visual Search
[213] Fashion Visual Search[213] Fashion Visual Search
[213] Fashion Visual SearchNAVER D2
 
[232] TensorRT를 활용한 딥러닝 Inference 최적화
[232] TensorRT를 활용한 딥러닝 Inference 최적화[232] TensorRT를 활용한 딥러닝 Inference 최적화
[232] TensorRT를 활용한 딥러닝 Inference 최적화NAVER D2
 
[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지
[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지
[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지NAVER D2
 
[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터
[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터
[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터NAVER D2
 
[223]기계독해 QA: 검색인가, NLP인가?
[223]기계독해 QA: 검색인가, NLP인가?[223]기계독해 QA: 검색인가, NLP인가?
[223]기계독해 QA: 검색인가, NLP인가?NAVER D2
 

More from NAVER D2 (20)

[211] 인공지능이 인공지능 챗봇을 만든다
[211] 인공지능이 인공지능 챗봇을 만든다[211] 인공지능이 인공지능 챗봇을 만든다
[211] 인공지능이 인공지능 챗봇을 만든다
 
[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...
[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...
[233] 대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing: Maglev Hashing Scheduler i...
 
[215] Druid로 쉽고 빠르게 데이터 분석하기
[215] Druid로 쉽고 빠르게 데이터 분석하기[215] Druid로 쉽고 빠르게 데이터 분석하기
[215] Druid로 쉽고 빠르게 데이터 분석하기
 
[245]Papago Internals: 모델분석과 응용기술 개발
[245]Papago Internals: 모델분석과 응용기술 개발[245]Papago Internals: 모델분석과 응용기술 개발
[245]Papago Internals: 모델분석과 응용기술 개발
 
[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈
[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈
[236] 스트림 저장소 최적화 이야기: 아파치 드루이드로부터 얻은 교훈
 
[235]Wikipedia-scale Q&A
[235]Wikipedia-scale Q&A[235]Wikipedia-scale Q&A
[235]Wikipedia-scale Q&A
 
[244]로봇이 현실 세계에 대해 학습하도록 만들기
[244]로봇이 현실 세계에 대해 학습하도록 만들기[244]로봇이 현실 세계에 대해 학습하도록 만들기
[244]로봇이 현실 세계에 대해 학습하도록 만들기
 
[243] Deep Learning to help student’s Deep Learning
[243] Deep Learning to help student’s Deep Learning[243] Deep Learning to help student’s Deep Learning
[243] Deep Learning to help student’s Deep Learning
 
[234]Fast & Accurate Data Annotation Pipeline for AI applications
[234]Fast & Accurate Data Annotation Pipeline for AI applications[234]Fast & Accurate Data Annotation Pipeline for AI applications
[234]Fast & Accurate Data Annotation Pipeline for AI applications
 
Old version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing
Old version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load BalancingOld version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing
Old version: [233]대형 컨테이너 클러스터에서의 고가용성 Network Load Balancing
 
[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지
[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지
[226]NAVER 광고 deep click prediction: 모델링부터 서빙까지
 
[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기
[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기
[225]NSML: 머신러닝 플랫폼 서비스하기 & 모델 튜닝 자동화하기
 
[224]네이버 검색과 개인화
[224]네이버 검색과 개인화[224]네이버 검색과 개인화
[224]네이버 검색과 개인화
 
[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)
[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)
[216]Search Reliability Engineering (부제: 지진에도 흔들리지 않는 네이버 검색시스템)
 
[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기
[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기
[214] Ai Serving Platform: 하루 수 억 건의 인퍼런스를 처리하기 위한 고군분투기
 
[213] Fashion Visual Search
[213] Fashion Visual Search[213] Fashion Visual Search
[213] Fashion Visual Search
 
[232] TensorRT를 활용한 딥러닝 Inference 최적화
[232] TensorRT를 활용한 딥러닝 Inference 최적화[232] TensorRT를 활용한 딥러닝 Inference 최적화
[232] TensorRT를 활용한 딥러닝 Inference 최적화
 
[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지
[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지
[242]컴퓨터 비전을 이용한 실내 지도 자동 업데이트 방법: 딥러닝을 통한 POI 변화 탐지
 
[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터
[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터
[212]C3, 데이터 처리에서 서빙까지 가능한 하둡 클러스터
 
[223]기계독해 QA: 검색인가, NLP인가?
[223]기계독해 QA: 검색인가, NLP인가?[223]기계독해 QA: 검색인가, NLP인가?
[223]기계독해 QA: 검색인가, NLP인가?
 

Recently uploaded

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 

Recently uploaded (20)

SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 

[131] packetbeat과 elasticsearch

  • 1. Get real-time insights from your application with Packetbeat & Elasticsearch
  • 2. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 2 This presentation contains • Lots of JSON objects • Pictures of cows, elks and musical instruments • A bit of Go code • Anomaly detection via moving averages
  • 4. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 4 I work for
  • 5. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 5 the company behind Elasticsearch Logstash Kibana
  • 6. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 6 also known as the ELK stack Photo  credit:  https://www.flickr.com/photos/lsmith2010/8215026548
  • 7. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 7 Distributed from day 1 Logstash 1.5 release party
  • 8. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 8 Open source culture Image  credit:  https://www.flickr.com/photos/tappnel/5798812875 • We live in GitHub • We talk Pull Requests • Conferences • Community • Blog posts
  • 9. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 9 That’s not all Found Beats Watcher ShieldMarvel ES  for  Hadoop
  • 10. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 10 Started an open source project Packetbeat
  • 11. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 11 We wanted to do better monitoring and troubleshooting for distributed systems
  • 12. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 12 Idea look at the communication between services
  • 13. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 13 Capture network packets • Passively listen to network packets • Works on a copy of the traffic • It doesn’t add latency • It cannot break your application Image  credit:  https://www.flickr.com/photos/bigdrumthump/3223280727
  • 14. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 14 Packet capturing 1.  Using  port  mirroring 2.  As  an  “agent”
  • 15. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 15 Sniffing from a technical PoV • libpcap (tcpdump), supports all Unix like systems • Winpcap, supports Windows • For Go, gopacket provides bindings and more • High speed API for packet capturing on Linux: af_packet Image  credit:  https://www.flickr.com/photos/57881779@N04/7930362242/
  • 16. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 16 Decoding
  • 17. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 17 Matching requests and responses • Pipelining complicates matching the requests with the responses.
  • 18. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 18 Create a JSON object for each request-response pair
  • 19. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 19 SQL example
  • 20. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 20 Memcache example
  • 21. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 21 DNS example
  • 22. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 22 • Control information: IP addresses, TCP/ UDP ports • Request type: HTTP method, SQL query, RPC function • Request data: form parameters, payload • Response data: status code, error message, payload • Timing data: timestamp of the request, latency Packet data
  • 23. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 23 Packetbeat: Overview
  • 24. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 24 There’s more to apps than packets Packetbeat   Listens  to  the  “beat”  of   the  network  packets. Topbeat   Listens  to  the  “beat”  of   the  operating  system   metrics. Image  credits:   https://www.flickr.com/photos/7147684@N03/921738874/   https://www.flickr.com/photos/bigdrumthump/3223280727   https://www.flickr.com/photos/jadeashleyphotography/6584949945/   https://www.flickr.com/photos/mitosettembremusica/2839965900/   Filebeat   Listens  to  the  “beat”  of   logs. Metricsbeat   Listens  to  the  internal   “beat”  of  systems  via   APIs.
  • 25. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 25 Topbeat • Like the Unix top command but sending the data periodically to Elasticsearch • Works also on Windows
  • 26. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 26 Topbeat system wide and per process stats CPU  “steal”  time Total  /  used  /  free   memory CPU  stats Per  process  stats CPU  time     consumed Process  pid,  name,   parent  pid,  etc. Memory  used
  • 27. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 27 Topbeat output objects File  system  stats Mount  point Device  name Total,  used,  free   disk  space
  • 28. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 28 Filebeat • Do one thing well: • Send log files to Logstash & Elasticsearch • Light on consumed resources • Easy to deploy on multiple platforms • A “Beat” based on the Logstash-Forwarder source code
  • 29. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 29 Beats have libbeat in common • Go library • Provides common things for all Beats: • logging, service handling, configuration file handling, CLI flags • Outputs and filters Dev  guide  for  creating  a  new  Beat:  https://www.elastic.co/guide/en/beats/libbeat/current/index.html
  • 30. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 30 Deployment: directly to ES • Option 1: Insert directly into Elasticsearch via the bulk API • Security can be provided via Shield and HTTPs
  • 31. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 31 Deployment: Send to Logstash • Option 2: Insert via Logstash • Uses the Lumberjack protocol which offers security • Gives the opportunity of enriching or modifying the data
  • 32. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 32 Getting insights from the data • Elasticsearch aggregations • Split the data into buckets • Apply a function over the data • Freely combine them by nesting • Work with multiple shards
  • 33. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 33 Date histogram •Splits data in buckets of time
  • 34. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 34 Date histogram response
  • 35. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 35 Percentiles aggregation 95th percentile value means that 95% of the values are smaller than it
  • 36. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 36 Percentile aggregation response
  • 37. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 37 Percentile aggregation •Approximate values •T-digests algorithm by Ted Dunning •Accurate for small sets of values •More accurate for extreme percentiles
  • 38. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 38 Date histogram nested with percentiles
  • 39. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 39 Date histogram with nested percentiles
  • 40. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 40 Result
  • 41. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 41 Kibana config
  • 42. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 42 Latency histogram
  • 43. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 43 Histogram by response time • Splits data in buckets by response time • [0-10ms), [10ms-20ms), …
  • 44. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 44 Histogram by response time
  • 45. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 45 Add a date histogram
  • 46. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 46 Response times repartition
  • 47. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 47 Kibana config
  • 48. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 48 Slowest RPC methods •Combines terms and percentiles aggregations
  • 49. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 49 Terms aggregation • Buckets are dynamically built: one per unique value • By default: top 10 by document count • Approximate because each shard can have a different
  • 50. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 50 Order by 99th percentile
  • 51. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 51 Kibana config
  • 52. www.elastic.co 52 • New in Elasticsearch 2.0 (currently in beta) • Work on the results of other aggregations Pipeline aggregations
  • 53. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 53 Derivative aggregation • Metric constantly growing • Take first order derivate to see the speed of growth
  • 54. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 54 Simple moving average • [1, 2, 3, 4, 5, 6, 7, 8, 9, 10] • with a window size of 5: • (1 + 2 + 3 + 4 + 5) / 5 = 3 • (2 + 3 + 4 + 5 + 6) / 5 = 4 • (3 + 4 + 5 + 6 + 7) / 5 = 5 • etc.
  • 55. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 55 Exponentially weighted moving average • Older values become exponentially less important
  • 56. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 56 Moving average - dynamic thresholds • yellow - measured values • purple - moving average (ewma) • green - threshold, mean + (3 * standard deviation)
  • 57. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 57 Request Extended  stats  agg  for   mean  and  std   deviation Moving  averages   aggs  for  mean  and   std Bucket  script  agg Details:  https://www.elastic.co/blog/staying-­‐in-­‐control-­‐with-­‐moving-­‐averages-­‐part-­‐1
  • 58. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 58 Cyclic trends - anomalies • EWMA lags behind too much • The values constantly hit the threshold
  • 59. www.elastic.coCopyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 59 Cyclic trends - anomalies • Holt-Winters (triple exponential) model works better for seasonal data • Requires two periods to bootstrap the algorithm
  • 60. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written permission is strictly prohibited 60 Thanks • https://discuss.elastic.co/c/beats • Twitter: @tudor_g • We have stickers!