This document discusses using Logstash to collect, process, and store application logs. It begins by describing different types of logs that are generated by applications and services. It then introduces the ELK stack, consisting of Elasticsearch, Logstash, and Kibana, to centralize, index, and visualize log data. Specific examples are provided on using the Monolog PHP logging library to instrument applications and leverage Logstash's processing pipeline to parse, enrich, and output logs to Elasticsearch.
20. EG 3: Event Logging
use MonologLogger;
use SymfonyComponentEventDispatcherEventDispatcher;
$dispatcher = new EventDispatcher();
$dispatcher−>addListener(
"business.registration.post",
function () use ($busLog) {
$busLog−>info("Customer registered");
}
);
$dispatcher−>dispatch("business.registration.post");
21. Logstash Architecture
1. Logstash Shipper ships logs to
logstash
2. Logstash processes them
3. Logstash Inserts Into Elastic
Search
4. Kibana exposes a web interface
to Elastic Search data
37. Logging Ideas
Release Marker
Error rates of various applications over time
Latency in various percentiles of each application tier
HTTP Responses: 400 series responses
HTTP Responses: 500 series responses
Auto git blame production errors
Auth and Syslogs
38. Go Forth And Log....
BUT
Remember log rotation
Beware running out of space
Beware file logging on NFS