Docker Logging Webinar

Sematext Group, Inc.
Sematext Group, Inc. Sematext Group, Inc.
Docker Logging Webinar 20% OFF 201509WNR20S 201509WNR20L sematext.com/spm sematext.com/logsene
Housekeeping / Questions
Intro Logsene: Centralized Log Management Search and Big Data Consulting Support for Solr and Elasticsearch SPM: Performance monitoring, Anomaly Detection and Alerting
SPM - Performance Monitoring
Logsene - Log Management
Agenda ● Centralized Log Management ● Docker - What is different? ○ Challenges ○ How to ■ Log Drivers ■ Logging Containers ■ Sematext Solutions
Centralized Log Management error: No space left on device /dev/... ? warn: Transaction “order_product” failed!
a few steps to go ... Log Shippers Centralized Log Management / Logsene Server, Container, Application Use JSON, Luke
Structured Data
Docker Logging Challenges ● Access Logs ● Log Forwarding to central data stores ● Log Parsing ● Deployment of Logging Tools ○ Containers on local Host ○ Separate Hosts ○ SaaS
What are Docker Logs? ● Traditionally separate files for each Application and Log-Type ○ error.log ○ access.log ● Docker Logs are stdout / stderr of processes running in a container ● Most official images log to console
Mixed Log Formats in one Container
Docker Logging Options - Docker Log Drivers - json-file, syslog, fluentd, journald, gelf - Docker API based Logging Containers - Logspout - Sematext Docker Container - Custom images with installed log shipper (syslog)
Docker Log Drivers Cons: - No Log Parser - only Log Forwarding - “docker logs” command works only with Log-Driver “JSON-files” - Containers terminate when the TCP Server (e.g. syslog or fluentd) is not reachable - No TLS encryption for syslog Pros: - Simple way to forward logs to remote destinations - Setup per container or global setting for Docker
Example: Log Drivers # Start a syslog server :) logagent -u 1514 -y -t af648d4f-xxxx-xxxx-8ec0-fcb33f884f57 # Start a Web Server with TCP syslog -> container terminates docker run -d --name my_web_app -p 80:80 --log-driver=syslog --log-opt syslog- address=tcp://localhost:1514 httpd # Start a Web Server with UDP syslog -> container starts docker run -d --name my_web_app -p 80:80 --log-driver=syslog --log-opt syslog- address=udp://localhost:1514 httpd # run docker logs -> fails docker logs my_web_app > logsene search http
Logging Containers: Logspout Pros: - Logging does not affect app container - ANSI Escape Sequence removal - TLS support - Real-time View with HTTP API - Config for Filters and Syslog-Tags - Log-Driver Files / journald Logs are available on the Host Cons: - Logging Container must be online - Only forwarding, no Log Parser, rsyslog could be used for parsing - Limited to log collection
Logspout HTTP View
Logging Containers: SPM for Docker Pros: - ANSI Escape Sequence handling - TLS by default - Near Real-time View in UI - Filters by regex for Image, Container Names - Structured Logs with included Log-Parser and Pattern Library - Collects Logs, Metrics and Events - Hosted ELK Stack in Logsene Cons: - Logging container must be online
Demo docker run -d --name sematext-agent -v /var/run/docker.sock:/var/run/docker.sock -v $PWD/patterns.yml:/etc/logagent/patterns.yml -e HOSTNAME=$HOSTNAME -e LOGSENE_TOKEN=53a6c7e7-xxxx-4725-962e-ea47cebxxx -e SPM_TOKEN=fe31fc3a-xxxx-47c6-b83c-be376bfxxx sematext/spm-agent-docker docker run --name webapp -p 80:80 httpd siege localhost:80/unknow_page.html logsene search error
Logs Logsene Token Metrics + Events Docker logs on CoreOS Web UI Sematext Container Logsene (https) SPM (https) Log forwarding service stores status in etcd Logging Gateway (TCP 9000) Docker Daemon API / unix-socket Events Metrics Logs etcd journald Configuration in etcd - Logsene Token - SPM Token Logging gateway port, Logging status per host Journald Logs SPM Token
Containerized Monitoring & Logging SPM Performance Monitoring and Logsene Metrics, Events and Logs
SPM Logsene METRICS + LOGS ⇒ BETTER TOGETHER
Mixed Log Formats in one Container
Parsed Logs from a mixed stream
Making Logs Analytics-ready Log Parser Inside Reduced Stack for Logging! Structured Data for Analytics
Summary Stefan Thies Twitter: @seti321 stefan.thies@sematext.com info@sematext.com blog.sematext.com sematext.com/logsene hub.docker.com/r/sematext/spm-agent-docker/ github.com/sematext/spm-agent-docker
Docker Logging Webinar 20% OFF 201509WNR20S 201509WNR20L sematext.com/spm sematext.com/logsene
Thank you for your attention
1 of 28

Docker Logging Webinar

Download to read offline
Data & Analytics

Sematext's DevOps Evangelist, Stefan Thies (@seti321), takes a Docker Logging tour through the different log collection options Docker users have, the pros and cons of each, specific and existing Docker logging solutions, tooling, the role of syslog, log shipping to ELK Stack, and more. Q&A session at end.

Sematext Group, Inc.
Sematext Group, Inc. Sematext Group, Inc.

Recommended

Docker Monitoring Webinar by
Docker Monitoring WebinarDocker Monitoring Webinar
Docker Monitoring WebinarSematext Group, Inc.
6K views47 slides
Elasticsearch for Logs & Metrics - a deep dive by
Elasticsearch for Logs & Metrics - a deep diveElasticsearch for Logs & Metrics - a deep dive
Elasticsearch for Logs & Metrics - a deep diveSematext Group, Inc.
6.3K views48 slides
Tuning Elasticsearch Indexing Pipeline for Logs by
Tuning Elasticsearch Indexing Pipeline for LogsTuning Elasticsearch Indexing Pipeline for Logs
Tuning Elasticsearch Indexing Pipeline for LogsSematext Group, Inc.
27.3K views58 slides
'Scalable Logging and Analytics with LogStash' by
'Scalable Logging and Analytics with LogStash''Scalable Logging and Analytics with LogStash'
'Scalable Logging and Analytics with LogStash'Cloud Elements
9.9K views23 slides
Central LogFile Storage. ELK stack Elasticsearch, Logstash and Kibana. by
Central LogFile Storage. ELK stack Elasticsearch, Logstash and Kibana.Central LogFile Storage. ELK stack Elasticsearch, Logstash and Kibana.
Central LogFile Storage. ELK stack Elasticsearch, Logstash and Kibana.Airat Khisamov
2.9K views23 slides
Monitoring Docker with ELK by
Monitoring Docker with ELKMonitoring Docker with ELK
Monitoring Docker with ELKDaniel Berman
1.4K views36 slides

More Related Content

What's hot

LogStash in action by
LogStash in actionLogStash in action
LogStash in actionManuj Aggarwal
1.3K views48 slides
Running High Performance & Fault-tolerant Elasticsearch Clusters on Docker by
Running High Performance & Fault-tolerant Elasticsearch Clusters on DockerRunning High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Running High Performance & Fault-tolerant Elasticsearch Clusters on DockerSematext Group, Inc.
10.5K views77 slides
MySQL Slow Query log Monitoring using Beats & ELK by
MySQL Slow Query log Monitoring using Beats & ELKMySQL Slow Query log Monitoring using Beats & ELK
MySQL Slow Query log Monitoring using Beats & ELKYoungHeon (Roy) Kim
9.3K views15 slides
ELK Ruminating on Logs (Zendcon 2016) by
ELK Ruminating on Logs (Zendcon 2016)ELK Ruminating on Logs (Zendcon 2016)
ELK Ruminating on Logs (Zendcon 2016)Mathew Beane
1.7K views54 slides
ELK Stack by
ELK StackELK Stack
ELK StackPhuc Nguyen
9.1K views45 slides
Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ... by
Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ...Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ...
Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ...ForgeRock
7.9K views20 slides

What's hot(20)

LogStash in action by Manuj Aggarwal
LogStash in actionLogStash in action
LogStash in action
Manuj Aggarwal1.3K views
Running High Performance & Fault-tolerant Elasticsearch Clusters on Docker by Sematext Group, Inc.
Running High Performance & Fault-tolerant Elasticsearch Clusters on DockerRunning High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Running High Performance & Fault-tolerant Elasticsearch Clusters on Docker
Sematext Group, Inc. 10.5K views
MySQL Slow Query log Monitoring using Beats & ELK by YoungHeon (Roy) Kim
MySQL Slow Query log Monitoring using Beats & ELKMySQL Slow Query log Monitoring using Beats & ELK
MySQL Slow Query log Monitoring using Beats & ELK
YoungHeon (Roy) Kim9.3K views
ELK Ruminating on Logs (Zendcon 2016) by Mathew Beane
ELK Ruminating on Logs (Zendcon 2016)ELK Ruminating on Logs (Zendcon 2016)
ELK Ruminating on Logs (Zendcon 2016)
Mathew Beane1.7K views
ELK Stack by Phuc Nguyen
ELK StackELK Stack
ELK Stack
Phuc Nguyen9.1K views
Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ... by ForgeRock
Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ...Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ...
Customer Intelligence: Using the ELK Stack to Analyze ForgeRock OpenAM Audit ...
ForgeRock7.9K views
ELK stack at weibo.com by 琛琳 饶
ELK stack at weibo.comELK stack at weibo.com
ELK stack at weibo.com
琛琳 饶2.9K views
elk_stack_alexander_szalonnas by Alexander Szalonnas
elk_stack_alexander_szalonnaselk_stack_alexander_szalonnas
elk_stack_alexander_szalonnas
Alexander Szalonnas1.9K views
"How about no grep and zabbix?". ELK based alerts and metrics. by Vladimir Pavkin
"How about no grep and zabbix?". ELK based alerts and metrics."How about no grep and zabbix?". ELK based alerts and metrics.
"How about no grep and zabbix?". ELK based alerts and metrics.
Vladimir Pavkin10.1K views
Collect distributed application logging using fluentd (EFK stack) by Marco Pas
Collect distributed application logging using fluentd (EFK stack)Collect distributed application logging using fluentd (EFK stack)
Collect distributed application logging using fluentd (EFK stack)
Marco Pas2.1K views
The Patterns of Distributed Logging and Containers by SATOSHI TAGOMORI
The Patterns of Distributed Logging and ContainersThe Patterns of Distributed Logging and Containers
The Patterns of Distributed Logging and Containers
SATOSHI TAGOMORI24.9K views
Open Source Logging and Monitoring Tools by Phase2
Open Source Logging and Monitoring ToolsOpen Source Logging and Monitoring Tools
Open Source Logging and Monitoring Tools
Phase212.4K views
Logstash by Rajgourav Jain
LogstashLogstash
Logstash
Rajgourav Jain1.7K views
Logging logs with Logstash - Devops MK 10-02-2016 by Steve Howe
Logging logs with Logstash - Devops MK 10-02-2016Logging logs with Logstash - Devops MK 10-02-2016
Logging logs with Logstash - Devops MK 10-02-2016
Steve Howe449 views
Elk devops by Ideato
Elk devopsElk devops
Elk devops
Ideato2.9K views
Logstash + Elasticsearch + Kibana Presentation on Startit Tech Meetup by Startit
Logstash + Elasticsearch + Kibana Presentation on Startit Tech MeetupLogstash + Elasticsearch + Kibana Presentation on Startit Tech Meetup
Logstash + Elasticsearch + Kibana Presentation on Startit Tech Meetup
Startit6.9K views
Experiences in ELK with D3.js for Large Log Analysis and Visualization by Surasak Sanguanpong
Experiences in ELK with D3.js for Large Log Analysis and VisualizationExperiences in ELK with D3.js for Large Log Analysis and Visualization
Experiences in ELK with D3.js for Large Log Analysis and Visualization
Surasak Sanguanpong3K views
Elk with Openstack by Arun prasath
Elk with OpenstackElk with Openstack
Elk with Openstack
Arun prasath1.7K views
The basics of fluentd by Treasure Data, Inc.
The basics of fluentdThe basics of fluentd
The basics of fluentd
Treasure Data, Inc.29.1K views
Node.js by hotrannam
Node.jsNode.js
Node.js
hotrannam1.4K views

Viewers also liked

Docker and Fluentd by
Docker and FluentdDocker and Fluentd
Docker and FluentdN Masahiro
11.3K views25 slides
Centralized + Unified Logging by
Centralized + Unified LoggingCentralized + Unified Logging
Centralized + Unified LoggingGabor Kozma
1.8K views21 slides
Top Node.js Metrics to Watch by
Top Node.js Metrics to WatchTop Node.js Metrics to Watch
Top Node.js Metrics to WatchSematext Group, Inc.
9K views34 slides
Tuning Solr & Pipeline for Logs by
Tuning Solr & Pipeline for LogsTuning Solr & Pipeline for Logs
Tuning Solr & Pipeline for LogsSematext Group, Inc.
6.6K views45 slides
Centralized Logging with syslog by
Centralized Logging with syslogCentralized Logging with syslog
Centralized Logging with syslogamiable_indian
3.5K views47 slides
Solr Anti Patterns by
Solr Anti PatternsSolr Anti Patterns
Solr Anti PatternsSematext Group, Inc.
10K views71 slides

Viewers also liked(19)

Docker and Fluentd by N Masahiro
Docker and FluentdDocker and Fluentd
Docker and Fluentd
N Masahiro11.3K views
Centralized + Unified Logging by Gabor Kozma
Centralized + Unified LoggingCentralized + Unified Logging
Centralized + Unified Logging
Gabor Kozma1.8K views
Top Node.js Metrics to Watch by Sematext Group, Inc.
Top Node.js Metrics to WatchTop Node.js Metrics to Watch
Top Node.js Metrics to Watch
Sematext Group, Inc. 9K views
Tuning Solr & Pipeline for Logs by Sematext Group, Inc.
Tuning Solr & Pipeline for LogsTuning Solr & Pipeline for Logs
Tuning Solr & Pipeline for Logs
Sematext Group, Inc. 6.6K views
Centralized Logging with syslog by amiable_indian
Centralized Logging with syslogCentralized Logging with syslog
Centralized Logging with syslog
amiable_indian3.5K views
Solr Anti Patterns by Sematext Group, Inc.
Solr Anti PatternsSolr Anti Patterns
Solr Anti Patterns
Sematext Group, Inc. 10K views
Tuning Solr for Logs by Sematext Group, Inc.
Tuning Solr for LogsTuning Solr for Logs
Tuning Solr for Logs
Sematext Group, Inc. 9.6K views
From Zero to Production Hero: Log Analysis with Elasticsearch (from Velocity ... by Sematext Group, Inc.
From Zero to Production Hero: Log Analysis with Elasticsearch (from Velocity ...From Zero to Production Hero: Log Analysis with Elasticsearch (from Velocity ...
From Zero to Production Hero: Log Analysis with Elasticsearch (from Velocity ...
Sematext Group, Inc. 14.1K views
Large Scale Log Analytics with Solr (from Lucene Revolution 2015) by Sematext Group, Inc.
Large Scale Log Analytics with Solr (from Lucene Revolution 2015)Large Scale Log Analytics with Solr (from Lucene Revolution 2015)
Large Scale Log Analytics with Solr (from Lucene Revolution 2015)
Sematext Group, Inc. 11.8K views
Introduction to solr by Sematext Group, Inc.
Introduction to solrIntroduction to solr
Introduction to solr
Sematext Group, Inc. 859 views
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch by Sematext Group, Inc.
From Zero to Hero - Centralized Logging with Logstash & ElasticsearchFrom Zero to Hero - Centralized Logging with Logstash & Elasticsearch
From Zero to Hero - Centralized Logging with Logstash & Elasticsearch
Sematext Group, Inc. 17.6K views
The Ultimate Logging Architecture - You KNOW you want it! by Michele Leroux Bustamante
The Ultimate Logging Architecture - You KNOW you want it!The Ultimate Logging Architecture - You KNOW you want it!
The Ultimate Logging Architecture - You KNOW you want it!
Michele Leroux Bustamante10.1K views
Metrics, Logs, Transaction Traces, Anomaly Detection at Scale by Sematext Group, Inc.
Metrics, Logs, Transaction Traces, Anomaly Detection at ScaleMetrics, Logs, Transaction Traces, Anomaly Detection at Scale
Metrics, Logs, Transaction Traces, Anomaly Detection at Scale
Sematext Group, Inc. 4.8K views
Side by Side with Elasticsearch & Solr, Part 2 by Sematext Group, Inc.
Side by Side with Elasticsearch & Solr, Part 2Side by Side with Elasticsearch & Solr, Part 2
Side by Side with Elasticsearch & Solr, Part 2
Sematext Group, Inc. 18.2K views
Monitoring and Log Management for by Sematext Group, Inc.
Monitoring and Log Management forMonitoring and Log Management for
Monitoring and Log Management for
Sematext Group, Inc. 14.5K views
(Elastic)search in big data by Sematext Group, Inc.
(Elastic)search in big data(Elastic)search in big data
(Elastic)search in big data
Sematext Group, Inc. 3.8K views
Building Resilient Log Aggregation Pipeline with Elasticsearch & Kafka by Sematext Group, Inc.
Building Resilient Log Aggregation Pipeline with Elasticsearch & KafkaBuilding Resilient Log Aggregation Pipeline with Elasticsearch & Kafka
Building Resilient Log Aggregation Pipeline with Elasticsearch & Kafka
Sematext Group, Inc. 2.4K views
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker by Sematext Group, Inc.
Running High Performance and Fault Tolerant Elasticsearch Clusters on DockerRunning High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Running High Performance and Fault Tolerant Elasticsearch Clusters on Docker
Sematext Group, Inc. 38.1K views
A Gentle Introduction To Docker And All Things Containers by Jérôme Petazzoni
A Gentle Introduction To Docker And All Things ContainersA Gentle Introduction To Docker And All Things Containers
A Gentle Introduction To Docker And All Things Containers
Jérôme Petazzoni60.6K views

Similar to Docker Logging Webinar

Turbo charge your logs by
Turbo charge your logsTurbo charge your logs
Turbo charge your logsJeremy Cook
3.1K views55 slides
Docker Logging and analysing with Elastic Stack by
Docker Logging and analysing with Elastic StackDocker Logging and analysing with Elastic Stack
Docker Logging and analysing with Elastic StackJakub Hajek
157 views42 slides
Docker Logging and analysing with Elastic Stack - Jakub Hajek by
Docker Logging and analysing with Elastic Stack - Jakub Hajek Docker Logging and analysing with Elastic Stack - Jakub Hajek
Docker Logging and analysing with Elastic Stack - Jakub Hajek PROIDEA
73 views42 slides
Node.js Web Apps @ ebay scale by
Node.js Web Apps @ ebay scaleNode.js Web Apps @ ebay scale
Node.js Web Apps @ ebay scaleDmytro Semenov
1.8K views77 slides
Turbo charge your logs by
Turbo charge your logsTurbo charge your logs
Turbo charge your logsJeremy Cook
8.4K views55 slides
Monitoring.pptx by
Monitoring.pptxMonitoring.pptx
Monitoring.pptxShadi Akil
24 views27 slides

Similar to Docker Logging Webinar(20)

Turbo charge your logs by Jeremy Cook
Turbo charge your logsTurbo charge your logs
Turbo charge your logs
Jeremy Cook3.1K views
Docker Logging and analysing with Elastic Stack by Jakub Hajek
Docker Logging and analysing with Elastic StackDocker Logging and analysing with Elastic Stack
Docker Logging and analysing with Elastic Stack
Jakub Hajek157 views
Docker Logging and analysing with Elastic Stack - Jakub Hajek by PROIDEA
Docker Logging and analysing with Elastic Stack - Jakub Hajek Docker Logging and analysing with Elastic Stack - Jakub Hajek
Docker Logging and analysing with Elastic Stack - Jakub Hajek
PROIDEA73 views
Node.js Web Apps @ ebay scale by Dmytro Semenov
Node.js Web Apps @ ebay scaleNode.js Web Apps @ ebay scale
Node.js Web Apps @ ebay scale
Dmytro Semenov1.8K views
Turbo charge your logs by Jeremy Cook
Turbo charge your logsTurbo charge your logs
Turbo charge your logs
Jeremy Cook8.4K views
Monitoring.pptx by Shadi Akil
Monitoring.pptxMonitoring.pptx
Monitoring.pptx
Shadi Akil24 views
Scaling ELK Stack - DevOpsDays Singapore by Angad Singh
Scaling ELK Stack - DevOpsDays SingaporeScaling ELK Stack - DevOpsDays Singapore
Scaling ELK Stack - DevOpsDays Singapore
Angad Singh754 views
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers by PROIDEA
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providersPLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PLNOG 4: Leszek Urbański - A modern HTTP accelerator for content providers
PROIDEA28 views
FIWARE Global Summit - Real-time Media Stream Processing Using Kurento by FIWARE
FIWARE Global Summit - Real-time Media Stream Processing Using KurentoFIWARE Global Summit - Real-time Media Stream Processing Using Kurento
FIWARE Global Summit - Real-time Media Stream Processing Using Kurento
FIWARE343 views
Varnish - PLNOG 4 by Leszek Urbanski
Varnish - PLNOG 4Varnish - PLNOG 4
Varnish - PLNOG 4
Leszek Urbanski3.6K views
Extreme replication at IOUG Collaborate 15 by Bobby Curtis
Extreme replication at IOUG Collaborate 15Extreme replication at IOUG Collaborate 15
Extreme replication at IOUG Collaborate 15
Bobby Curtis1.9K views
[scala.by] Launching new application fast by Denis Karpenko
[scala.by] Launching new application fast[scala.by] Launching new application fast
[scala.by] Launching new application fast
Denis Karpenko1.3K views
Experiences building a distributed shared log on RADOS - Noah Watkins by Ceph Community
Experiences building a distributed shared log on RADOS - Noah WatkinsExperiences building a distributed shared log on RADOS - Noah Watkins
Experiences building a distributed shared log on RADOS - Noah Watkins
Ceph Community 98 views
Extreme Replication - Performance Tuning Oracle GoldenGate by Bobby Curtis
Extreme Replication - Performance Tuning Oracle GoldenGateExtreme Replication - Performance Tuning Oracle GoldenGate
Extreme Replication - Performance Tuning Oracle GoldenGate
Bobby Curtis9.8K views
Logging & Metrics with Docker by Stefan Zier
Logging & Metrics with DockerLogging & Metrics with Docker
Logging & Metrics with Docker
Stefan Zier2.3K views
Intro to XPages for Administrators (DanNotes, November 28, 2012) by Per Henrik Lausten
Intro to XPages for Administrators (DanNotes, November 28, 2012)Intro to XPages for Administrators (DanNotes, November 28, 2012)
Intro to XPages for Administrators (DanNotes, November 28, 2012)
Per Henrik Lausten4.7K views
Extreme Replication - RMOUG Presentation by Bobby Curtis
Extreme Replication - RMOUG PresentationExtreme Replication - RMOUG Presentation
Extreme Replication - RMOUG Presentation
Bobby Curtis2.5K views
Logging for Production Systems in The Container Era by Sadayuki Furuhashi
Logging for Production Systems in The Container EraLogging for Production Systems in The Container Era
Logging for Production Systems in The Container Era
Sadayuki Furuhashi1.4K views
How bol.com makes sense of its logs, using the Elastic technology stack. by Renzo Tomà
How bol.com makes sense of its logs, using the Elastic technology stack.How bol.com makes sense of its logs, using the Elastic technology stack.
How bol.com makes sense of its logs, using the Elastic technology stack.
Renzo Tomà1.1K views
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs by Altoros
Cloud Foundry Monitoring How-To: Collecting Metrics and LogsCloud Foundry Monitoring How-To: Collecting Metrics and Logs
Cloud Foundry Monitoring How-To: Collecting Metrics and Logs
Altoros6.3K views

More from Sematext Group, Inc.

Tweaking the Base Score: Lucene/Solr Similarities Explained by
Tweaking the Base Score: Lucene/Solr Similarities ExplainedTweaking the Base Score: Lucene/Solr Similarities Explained
Tweaking the Base Score: Lucene/Solr Similarities ExplainedSematext Group, Inc.
8.6K views53 slides
OOPs, OOMs, oh my! Containerizing JVM apps by
OOPs, OOMs, oh my! Containerizing JVM appsOOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM appsSematext Group, Inc.
1.5K views25 slides
Is observability good for your brain? by
Is observability good for your brain?Is observability good for your brain?
Is observability good for your brain?Sematext Group, Inc.
751 views28 slides
Introducing log analysis to your organization by
Introducing log analysis to your organization Introducing log analysis to your organization
Introducing log analysis to your organization Sematext Group, Inc.
3.5K views106 slides
Solr Search Engine: Optimize Is (Not) Bad for You by
Solr Search Engine: Optimize Is (Not) Bad for YouSolr Search Engine: Optimize Is (Not) Bad for You
Solr Search Engine: Optimize Is (Not) Bad for YouSematext Group, Inc.
10K views94 slides
Side by Side with Elasticsearch and Solr by
Side by Side with Elasticsearch and SolrSide by Side with Elasticsearch and Solr
Side by Side with Elasticsearch and SolrSematext Group, Inc.
14.5K views21 slides

More from Sematext Group, Inc. (10)

Tweaking the Base Score: Lucene/Solr Similarities Explained by Sematext Group, Inc.
Tweaking the Base Score: Lucene/Solr Similarities ExplainedTweaking the Base Score: Lucene/Solr Similarities Explained
Tweaking the Base Score: Lucene/Solr Similarities Explained
Sematext Group, Inc. 8.6K views
OOPs, OOMs, oh my! Containerizing JVM apps by Sematext Group, Inc.
OOPs, OOMs, oh my! Containerizing JVM appsOOPs, OOMs, oh my! Containerizing JVM apps
OOPs, OOMs, oh my! Containerizing JVM apps
Sematext Group, Inc. 1.5K views
Is observability good for your brain? by Sematext Group, Inc.
Is observability good for your brain?Is observability good for your brain?
Is observability good for your brain?
Sematext Group, Inc. 751 views
Introducing log analysis to your organization by Sematext Group, Inc.
Introducing log analysis to your organization Introducing log analysis to your organization
Introducing log analysis to your organization
Sematext Group, Inc. 3.5K views
Solr Search Engine: Optimize Is (Not) Bad for You by Sematext Group, Inc.
Solr Search Engine: Optimize Is (Not) Bad for YouSolr Search Engine: Optimize Is (Not) Bad for You
Solr Search Engine: Optimize Is (Not) Bad for You
Sematext Group, Inc. 10K views
Side by Side with Elasticsearch and Solr by Sematext Group, Inc.
Side by Side with Elasticsearch and SolrSide by Side with Elasticsearch and Solr
Side by Side with Elasticsearch and Solr
Sematext Group, Inc. 14.5K views
Open Source Search Evolution by Sematext Group, Inc.
Open Source Search EvolutionOpen Source Search Evolution
Open Source Search Evolution
Sematext Group, Inc. 1.2K views
Elasticsearch and Solr for Logs by Sematext Group, Inc.
Elasticsearch and Solr for LogsElasticsearch and Solr for Logs
Elasticsearch and Solr for Logs
Sematext Group, Inc. 14.3K views
Introduction to Elasticsearch by Sematext Group, Inc.
Introduction to ElasticsearchIntroduction to Elasticsearch
Introduction to Elasticsearch
Sematext Group, Inc. 13.5K views
Administering and Monitoring SolrCloud Clusters by Sematext Group, Inc.
Administering and Monitoring SolrCloud ClustersAdministering and Monitoring SolrCloud Clusters
Administering and Monitoring SolrCloud Clusters
Sematext Group, Inc. 15K views

Recently uploaded

Vikas 500 BIG DATA TECHNOLOGIES LAB.pdf by
Vikas 500 BIG DATA TECHNOLOGIES LAB.pdfVikas 500 BIG DATA TECHNOLOGIES LAB.pdf
Vikas 500 BIG DATA TECHNOLOGIES LAB.pdfvikas12611618
8 views30 slides
Building Real-Time Travel Alerts by
Building Real-Time Travel AlertsBuilding Real-Time Travel Alerts
Building Real-Time Travel AlertsTimothy Spann
109 views48 slides
Chapter 3b- Process Communication (1) (1)(1) (1).pptx by
Chapter 3b- Process Communication (1) (1)(1) (1).pptxChapter 3b- Process Communication (1) (1)(1) (1).pptx
Chapter 3b- Process Communication (1) (1)(1) (1).pptxayeshabaig2004
5 views30 slides
Advanced_Recommendation_Systems_Presentation.pptx by
Advanced_Recommendation_Systems_Presentation.pptxAdvanced_Recommendation_Systems_Presentation.pptx
Advanced_Recommendation_Systems_Presentation.pptxneeharikasingh29
5 views9 slides
[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx by
[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx
[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptxDataScienceConferenc1
5 views12 slides
Introduction to Microsoft Fabric.pdf by
Introduction to Microsoft Fabric.pdfIntroduction to Microsoft Fabric.pdf
Introduction to Microsoft Fabric.pdfishaniuudeshika
24 views16 slides

Recently uploaded(20)

Vikas 500 BIG DATA TECHNOLOGIES LAB.pdf by vikas12611618
Vikas 500 BIG DATA TECHNOLOGIES LAB.pdfVikas 500 BIG DATA TECHNOLOGIES LAB.pdf
Vikas 500 BIG DATA TECHNOLOGIES LAB.pdf
vikas126116188 views
Building Real-Time Travel Alerts by Timothy Spann
Building Real-Time Travel AlertsBuilding Real-Time Travel Alerts
Building Real-Time Travel Alerts
Timothy Spann109 views
Chapter 3b- Process Communication (1) (1)(1) (1).pptx by ayeshabaig2004
Chapter 3b- Process Communication (1) (1)(1) (1).pptxChapter 3b- Process Communication (1) (1)(1) (1).pptx
Chapter 3b- Process Communication (1) (1)(1) (1).pptx
ayeshabaig20045 views
Advanced_Recommendation_Systems_Presentation.pptx by neeharikasingh29
Advanced_Recommendation_Systems_Presentation.pptxAdvanced_Recommendation_Systems_Presentation.pptx
Advanced_Recommendation_Systems_Presentation.pptx
neeharikasingh295 views
[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx by DataScienceConferenc1
[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx
[DSC Europe 23] Zsolt Feleki - Machine Translation should we trust it.pptx
DataScienceConferenc15 views
Introduction to Microsoft Fabric.pdf by ishaniuudeshika
Introduction to Microsoft Fabric.pdfIntroduction to Microsoft Fabric.pdf
Introduction to Microsoft Fabric.pdf
ishaniuudeshika24 views
3196 The Case of The East River by ErickANDRADE90
3196 The Case of The East River3196 The Case of The East River
3196 The Case of The East River
ErickANDRADE9011 views
Organic Shopping in Google Analytics 4.pdf by GA4 Tutorials
Organic Shopping in Google Analytics 4.pdfOrganic Shopping in Google Analytics 4.pdf
Organic Shopping in Google Analytics 4.pdf
GA4 Tutorials10 views
Data structure and algorithm. by Abdul salam
Data structure and algorithm. Data structure and algorithm.
Data structure and algorithm.
Abdul salam 18 views
PROGRAMME.pdf by HiNedHaJar
PROGRAMME.pdfPROGRAMME.pdf
PROGRAMME.pdf
HiNedHaJar17 views
Understanding Hallucinations in LLMs - 2023 09 29.pptx by Greg Makowski
Understanding Hallucinations in LLMs - 2023 09 29.pptxUnderstanding Hallucinations in LLMs - 2023 09 29.pptx
Understanding Hallucinations in LLMs - 2023 09 29.pptx
Greg Makowski13 views
Short Story Assignment by Kelly Nguyen by kellynguyen01
Short Story Assignment by Kelly NguyenShort Story Assignment by Kelly Nguyen
Short Story Assignment by Kelly Nguyen
kellynguyen0118 views
RIO GRANDE SUPPLY COMPANY INC, JAYSON.docx by JaysonGarabilesEspej
RIO GRANDE SUPPLY COMPANY INC, JAYSON.docxRIO GRANDE SUPPLY COMPANY INC, JAYSON.docx
RIO GRANDE SUPPLY COMPANY INC, JAYSON.docx
JaysonGarabilesEspej6 views
MOSORE_BRESCIA by Federico Karagulian
MOSORE_BRESCIAMOSORE_BRESCIA
MOSORE_BRESCIA
Federico Karagulian5 views
Cross-network in Google Analytics 4.pdf by GA4 Tutorials
Cross-network in Google Analytics 4.pdfCross-network in Google Analytics 4.pdf
Cross-network in Google Analytics 4.pdf
GA4 Tutorials6 views
How Leaders See Data? (Level 1) by Narendra Narendra
How Leaders See Data? (Level 1)How Leaders See Data? (Level 1)
How Leaders See Data? (Level 1)
Narendra Narendra13 views
UNEP FI CRS Climate Risk Results.pptx by pekka28
UNEP FI CRS Climate Risk Results.pptxUNEP FI CRS Climate Risk Results.pptx
UNEP FI CRS Climate Risk Results.pptx
pekka2811 views
CRIJ4385_Death Penalty_F23.pptx by yvettemm100
CRIJ4385_Death Penalty_F23.pptxCRIJ4385_Death Penalty_F23.pptx
CRIJ4385_Death Penalty_F23.pptx
yvettemm1006 views
Supercharging your Data with Azure AI Search and Azure OpenAI by Peter Gallagher
Supercharging your Data with Azure AI Search and Azure OpenAISupercharging your Data with Azure AI Search and Azure OpenAI
Supercharging your Data with Azure AI Search and Azure OpenAI
Peter Gallagher37 views
[DSC Europe 23] Spela Poklukar & Tea Brasanac - Retrieval Augmented Generation by DataScienceConferenc1
[DSC Europe 23] Spela Poklukar & Tea Brasanac - Retrieval Augmented Generation[DSC Europe 23] Spela Poklukar & Tea Brasanac - Retrieval Augmented Generation
[DSC Europe 23] Spela Poklukar & Tea Brasanac - Retrieval Augmented Generation
DataScienceConferenc15 views

Docker Logging Webinar

  • 1. Docker Logging Webinar 20% OFF 201509WNR20S 201509WNR20L sematext.com/spm sematext.com/logsene
  • 3. Intro Logsene: Centralized Log Management Search and Big Data Consulting Support for Solr and Elasticsearch SPM: Performance monitoring, Anomaly Detection and Alerting
  • 4. SPM - Performance Monitoring
  • 5. Logsene - Log Management
  • 6. Agenda ● Centralized Log Management ● Docker - What is different? ○ Challenges ○ How to ■ Log Drivers ■ Logging Containers ■ Sematext Solutions
  • 7. Centralized Log Management error: No space left on device /dev/... ? warn: Transaction “order_product” failed!
  • 8. a few steps to go ... Log Shippers Centralized Log Management / Logsene Server, Container, Application Use JSON, Luke
  • 10. Docker Logging Challenges ● Access Logs ● Log Forwarding to central data stores ● Log Parsing ● Deployment of Logging Tools ○ Containers on local Host ○ Separate Hosts ○ SaaS
  • 11. What are Docker Logs? ● Traditionally separate files for each Application and Log-Type ○ error.log ○ access.log ● Docker Logs are stdout / stderr of processes running in a container ● Most official images log to console
  • 12. Mixed Log Formats in one Container
  • 13. Docker Logging Options - Docker Log Drivers - json-file, syslog, fluentd, journald, gelf - Docker API based Logging Containers - Logspout - Sematext Docker Container - Custom images with installed log shipper (syslog)
  • 14. Docker Log Drivers Cons: - No Log Parser - only Log Forwarding - “docker logs” command works only with Log-Driver “JSON-files” - Containers terminate when the TCP Server (e.g. syslog or fluentd) is not reachable - No TLS encryption for syslog Pros: - Simple way to forward logs to remote destinations - Setup per container or global setting for Docker
  • 15. Example: Log Drivers # Start a syslog server :) logagent -u 1514 -y -t af648d4f-xxxx-xxxx-8ec0-fcb33f884f57 # Start a Web Server with TCP syslog -> container terminates docker run -d --name my_web_app -p 80:80 --log-driver=syslog --log-opt syslog- address=tcp://localhost:1514 httpd # Start a Web Server with UDP syslog -> container starts docker run -d --name my_web_app -p 80:80 --log-driver=syslog --log-opt syslog- address=udp://localhost:1514 httpd # run docker logs -> fails docker logs my_web_app > logsene search http
  • 16. Logging Containers: Logspout Pros: - Logging does not affect app container - ANSI Escape Sequence removal - TLS support - Real-time View with HTTP API - Config for Filters and Syslog-Tags - Log-Driver Files / journald Logs are available on the Host Cons: - Logging Container must be online - Only forwarding, no Log Parser, rsyslog could be used for parsing - Limited to log collection
  • 18. Logging Containers: SPM for Docker Pros: - ANSI Escape Sequence handling - TLS by default - Near Real-time View in UI - Filters by regex for Image, Container Names - Structured Logs with included Log-Parser and Pattern Library - Collects Logs, Metrics and Events - Hosted ELK Stack in Logsene Cons: - Logging container must be online
  • 19. Demo docker run -d --name sematext-agent -v /var/run/docker.sock:/var/run/docker.sock -v $PWD/patterns.yml:/etc/logagent/patterns.yml -e HOSTNAME=$HOSTNAME -e LOGSENE_TOKEN=53a6c7e7-xxxx-4725-962e-ea47cebxxx -e SPM_TOKEN=fe31fc3a-xxxx-47c6-b83c-be376bfxxx sematext/spm-agent-docker docker run --name webapp -p 80:80 httpd siege localhost:80/unknow_page.html logsene search error
  • 20. Logs Logsene Token Metrics + Events Docker logs on CoreOS Web UI Sematext Container Logsene (https) SPM (https) Log forwarding service stores status in etcd Logging Gateway (TCP 9000) Docker Daemon API / unix-socket Events Metrics Logs etcd journald Configuration in etcd - Logsene Token - SPM Token Logging gateway port, Logging status per host Journald Logs SPM Token
  • 21. Containerized Monitoring & Logging SPM Performance Monitoring and Logsene Metrics, Events and Logs
  • 22. SPM Logsene METRICS + LOGS ⇒ BETTER TOGETHER
  • 23. Mixed Log Formats in one Container
  • 24. Parsed Logs from a mixed stream
  • 25. Making Logs Analytics-ready Log Parser Inside Reduced Stack for Logging! Structured Data for Analytics
  • 27. Docker Logging Webinar 20% OFF 201509WNR20S 201509WNR20L sematext.com/spm sematext.com/logsene
  • 28. Thank you for your attention