This document summarizes a presentation on unifying logs, metrics, and distributed traces with the Elastic suite in a DevOps environment. The presentation introduces Elastic Stack and Elastic Observability, demonstrates log generation in the ECS format, and instrumenting code with Elastic APM using a React and Spring Boot demo. It also discusses the Elastic Contributor Program and provides examples of configuring the Elastic APM and RUM agents.

1. 05 Novembre 2020 @ 20:00
Elastic Morocco User Group
Unification des logs, Metrics et Traces
distribuées avec la suite Elastic dans un
environnement DevOps Yassine LASRI
Co Founder @ Synapticiel LLC
www.synapticiel.co
Solutions Architect
Elastic Certified Enginner

2. Unification des logs, Metrics et Traces distribuées avec la
suite Elastic dans un environnement DevOps
Introduction à Elastic Stack et Elastic Observability
Génération des Logs au format ECS (Elastic Common Schéma)
Instrumentation du code avec Elastic APM
Démonstration (Front End ReactJS et Microservices Spring Boot)
1
2
3
4
Questions & Réponses5

3. Elastic Contributor Program
https://www.elastic.co/community/contributor
Become an Elastic Contributor!
Elastic wants to recognize and
reward community contributions
like presenting Elastic at an event,
organizing an Elastic meetup,
contributing to our code, and more.
Get started today.

4. Product Overview

6. Evolving Architectures ~↑ Monitoring Complexity
Hardware & software trends are evolving in tandem
Higher resource utilization
increases monitoring complexity
❑ Orchestration/Hypervisor
❑ Dynamic/ephemeral jobs
❑ You can no longer "point" to where
that job lives
Shift to cloud-native yields
maintainable code, with costs
❑ Traditional licensing models don't
scale as well as your applications
❑ Hurdles with autoscaling

8. Status Quo: Siloed Collection of Tools

9. Elastic Approach to Observability

10. The Three Pillars of Observability
Logs, Metrics and Traces
Logs, metrics, and traces are often known as the three pillars of
observability. While plainly having access to logs, metrics, and
traces doesn’t necessarily make systems more observable, these
are powerful tools that, if understood well, can unlock the ability to
build better systems.
Logs : “An event log is an immutable, timestamped record of discrete events
that happened over time”
Metrics : “Metrics are a numeric representation of data measured over intervals
of time.”
Traces : “A trace is a representation of a series of causally related distributed
events that encode the end-to-end request flow through a distributed system.”

11. 2019-03-05 10:57:51.253 INFO 45469 --- [ost-startStop-1] o.s.web.context.ContextLoader
: Root WebApplicationContext: initialization completed in 1358 ms
2019-03-05 10:57:51.702 INFO 45469 --- [ost-startStop-1]
o.s.b.c.embedded.FilterRegistrationBean : Mapping filter: 'hiddenHttpMethodFilter' to: [/*]
2020-10-28 11:03:27.265 DEBUG 11672 --- [nio-8082-exec-1] c.b.e.d.MarketEstimate : message
2020-04-07 20:20:33.679 ERROR 41436 --- [ restartedMain] o.s.boot.SpringApplication :
Application run failed
....
... 22 common frames omitted
Caused by: java.lang.NoClassDefFoundError: ProducerFactory
...
... 38 common frames omitted
Caused by: java.lang.ClassNotFoundException: ProducerFactory
....
... 42 common frames omitted
Logging in Spring Boot
Logs parsing & Ingest

12. 2020-10-28 11:03:27.265 DEBUG 11672 --- [nio-8082-exec-1] c.b.e.d.MarketEstimate : message
ECS-based logging for Java applications
https://github.com/elastic/ecs-logging-java

13. Unified Data Layer with Elastic Common Schema
Supports ad-hoc analysis in Kibana Dashboards

14. Unified Data Layer with Elastic Common Schema
https://github.com/elastic/ecs
Benefits
❑ Correlate data from different sources
❑ Ability to re-use analysis content
❑ Ability to re-use Elastic-provided content
Status
❑ Version v1.6 published : github.com/elastic/ecs
❑ Supported in Beats and APM in 7.0
❑ Community feedback welcome

15. Distributed tracing is the collection of data related to end-to-end requests within an application. A trace
is made up of one or more spans where a span represents a call within the request. A call may be a
microservice or a function within a microservice.
What is Distributed Tracing ?
spans, transactions, errors, or metrics

16. Setlocal
set APP_ARGS=-javaagent:../lib/elastic-apm-agent-1.18.1.jar
set APP_ARGS=%APP_ARGS% -Delastic.apm.service_name=car-estimator-es
set APP_ARGS=%APP_ARGS% -Delastic.apm.application_packages=*
set APP_ARGS=%APP_ARGS% -Delastic.apm.server_urls=http://localhost:8200
set APP_ARGS=%APP_ARGS% -Delastic.apm.environment=Production
set APP_ARGS=%APP_ARGS% -Delastic.apm.enable_log_correlation=true
set APP_ARGS=%APP_ARGS% -Delastic.apm.service_version=1.2.0
java %APP_ARGS% -jar targetmeetup-0.0.1-SNAPSHOT.jar
Elastic APM Java Agent
Spring Boot Example

17. -Dcatalina.home=/opt/apache-tomcat
-Dcatalina.base=/opt/apache-tomcat
-Djava.io.tmpdir=/opt/apache-tomcat/temp
-Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
-Djava.util.logging.config.file=/opt/conflogging.properties
-javaagent:/opt/elastic-apm-agent-1.18.0.jar
-Delastic.apm.service_name=apache-tomcat
-Delastic.apm.application_packages=*
-Delastic.apm.server_urls=http://localhost:8200
-Delastic.apm.environment=Production
-Delastic.apm.enable_log_correlation=true
-Delastic.apm.service_version=9.0
Elastic APM Java Agent
Apache Tomcat Example

18. <script src="https://unpkg.com/@elastic/apm-rum@4.0.1/dist/bundles/elastic-apm-rum.umd.min.js">
</script>
<script>
elasticApm.init({
serviceName: 'front-end',
serverUrl: 'http://localhost:8200',
serviceVersion: '1.2.0‘,
distributedTracingOrigins: ['http://localhost:8080'],
environment: 'Production'
})
</script>
Elastic RUM Agent
HTML Configuration Example

19. npm install @elastic/apm-rum --save
import { init as initApm } from '@elastic/apm-rum'
var apm = initApm({
// Set required service name (allowed characters: a-z, A-Z, 0-9, -, _, and space)
serviceName: 'front-end',
// Set the version of your application
// Used on the APM Server to find the right source map
serviceVersion: '1.2.1',
// Set custom APM Server URL (default: http://localhost:8200)
serverUrl: 'http://localhost:8200',
// For distributed tracing to different origin (CORS)
distributedTracingOrigins: ['http://localhost:8080'],
// Check all possible config values here
// https://www.elastic.co/guide/en/apm/agent/rum-js/current/configuration.html
environment: 'Production',
//logLevel: 'debug'
})
export default apm;
Elastic RUM Agent
React-JS Configuration Example

20. APM Traces
How ?, Supported Technologies
APM Agents
RUM APM Server

21. ECS-based logging for Java applications
Logging Correlation

22. OpenTelemetry
An observability framework for cloud-native software

23. OpenTelemetry
An observability framework for cloud-native software

24. Demonstration
Elastic Observability

25. Elastic is a Search Company
Search. Observe. Protect.
www.elastic.co
Thank you | Questions ?