Graylog2 (MongoBerlin/MongoHamburg 2010)


  1. Graylog2 – Syslog with Rails and MongoDB candy. Manage your logs in the dark and have lasers going and make it look like you're from space. Lennart Koopmann, 2010
  2. About me: Lennart Koopmann, 22 years old. Living in Hamburg, working at Jimdo. lennartkoopmann.net / @_lennart
  3. phpLogCon … let's not talk about that. Graylog1: August 2009. Graylog2: August 2010.
  5. Syslog daemon (TCP/UDP)
  6. GELF (UDP)
  7. Graylog extended log format: UDP, max (GZIP) 8192 bytes per message (chunking is supported)
  8. { }
  9. { 'message': 'Exception: Something went wrong.' }
  10. { 'message': 'Exception: Something went wrong.', 'full_message': 'Stacktrace. Some env vars' }
  11. { 'message': 'Exception: Something went wrong.', 'full_message': 'Stacktrace. Some env vars', 'host': 'www19' }
  12. { 'message': 'Exception: Something went wrong.', 'full_message': 'Stacktrace. Some env vars', 'host': 'www19', 'file': '/var/www/index.php' }
  13. { 'message': 'Exception: Something went wrong.', 'full_message': 'Stacktrace. Some env vars', 'host': 'www19', 'file': '/var/www/index.php', 'line': 2638 }
  14. { 'message': 'Exception: Something went wrong.', 'full_message': 'Stacktrace. Some env vars', 'host': 'www19', 'file': '/var/www/index.php', 'line': 2638, 'level': 1 }
  15. Chunking
  16. Use Cases
  17. Plain syslog: Collect everything of your /var/log from all servers, aggregate, analyze and get a warning if something goes wrong.
  18. GELF: Embed it into the logging class of your application and trigger with every error. Include stacktrace and env vars in full message. Later filter by file:line to get statistics.
  19. Aggregate, analyze and get a warning if something goes wrong
  20. Notifications: Currently only Nagios hook (rake task) – triggered at too many messages in last X minutes. Fine-grained notifications coming with incident management (Email, SMS APIs, XMPP).
  21. Average page generation time. Graylog1 / MySQL: ~12000ms
  22. Average page generation time. Graylog1 / MySQL: ~12000ms. Graylog2 / MongoDB: ~250ms
  23. Roadmap
  24. Incident management
  25. Define chained rules that explain an incident. Trigger several actions when incident occurs.
  26. Fine-grained notifications
  27. Be informed via Email, XMPP, SMS by Graylog2 directly without Nagios hook
  28. More analyzing
  29. Thank you. www.graylog2.org / @Graylog2, www.lennartkoopmann.net / @_lennart (Slides are on Slideshare)
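
The GELF use case from slides 7 to 18, as an added example that is not from the slides or the Graylog2 project: it builds the six-field message from a caught exception, gzips it and checks the 8192-byte limit before sending over UDP. The function names, the env var redaction rule and the sample values are assumptions; payloads over the limit are refused because the slides do not show the chunk layout.

```python
import gzip
import json
import re
import socket
import traceback

MAX_DATAGRAM = 8192  # limit for the gzipped payload, from the slides
SECRET_NAME = re.compile(r"(PASS|SECRET|TOKEN|KEY)", re.I)  # assumed redaction rule


def build_gelf(exc, host, env, level=1):
    """Build a GELF dict with the six fields shown on the slides."""
    frame = traceback.extract_tb(exc.__traceback__)[-1]  # where the error was raised
    safe_env = {k: "[redacted]" if SECRET_NAME.search(k) else v
                for k, v in sorted(env.items())}
    stack = "".join(traceback.format_exception(type(exc), exc, exc.__traceback__))
    return {
        "message": f"Exception: {exc}",
        "full_message": stack + "\n" + json.dumps(safe_env),
        "host": host,
        "file": frame.filename,
        "line": frame.lineno,
        "level": level,
    }


def encode_gelf(msg):
    """Return (gzipped bytes, fits_in_one_datagram)."""
    payload = gzip.compress(json.dumps(msg).encode("utf-8"))
    return payload, len(payload) <= MAX_DATAGRAM


def send_gelf(msg, server, port):
    """Send one unchunked GELF datagram; refuse payloads that need chunking."""
    payload, fits = encode_gelf(msg)
    if not fits:
        raise ValueError("payload exceeds 8192 bytes; chunking required")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(payload, (server, port))
    return len(payload)


def demo():
    """Constructed sample: raise an error and build its GELF message."""
    try:
        raise RuntimeError("Something went wrong.")
    except RuntimeError as exc:
        env = {"PATH": "/usr/bin", "DB_PASSWORD": "hunter2"}  # constructed values
        return build_gelf(exc, "www19", env)
```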
