• Home

  • Software

  • Monitoring with Graylog - a modern approach to monitoring?
15
Monitoring with Graylog A modern approach to monitoring? Christoph Petrausch Karlsruhe, 06.11.2015

Monitoring with Graylog - a modern approach to monitoring?

Embed Size (px)

Citation preview

Page 1: Monitoring with Graylog - a modern approach to monitoring?

Monitoring with Graylog

A modern approach to monitoring?

Christoph Petrausch

Karlsruhe, 06.11.2015

Page 2: Monitoring with Graylog - a modern approach to monitoring?

Christoph Petrausch

Systems Engineer @ inovex GmbH

〉 Platform Engineering

〉 System Automation & Development (DevOps)

〉 Blog, Slides & Videos at inovex.de

2

Page 3: Monitoring with Graylog - a modern approach to monitoring?

1. Why Graylog?

2. What is Graylog?

3. Demo

4. Conclusions

5. Q&A

Agenda

3

Page 4: Monitoring with Graylog - a modern approach to monitoring?

Existing monitoring solutions (Nagios, Icinga, Zabbix) have problems:

〉 Some of them lack of APIs

〉 Integration with configuration management is very time-

consuming

〉 Do not scale well

〉 High Availability is not considered by the System Architecture

Why Graylog?

4

Page 5: Monitoring with Graylog - a modern approach to monitoring?

〉 Open Source Project, GPLv3

〉 Project started in 2009

〉 Company Graylog Inc. is the main developer

〉 Around a dozen contributors on GitHub

Project Overview

5

Page 6: Monitoring with Graylog - a modern approach to monitoring?

〉 Receives messages from multiple input protocols

〉 GELF via HTTP/UDP/TCP, Syslog, Apache Kafka, ….

〉 Assigns messages to streams

〉 Triggers user-defined alerts per stream

〉 Stores messages in ElasticSearch for graphing

〉 Routes messages to different outputs based on streams

〉 Provides search and graphing capabilities for stored messages

〉 Uses MongoDB to store metadata and alerts

What does Graylog?

6

Page 7: Monitoring with Graylog - a modern approach to monitoring?

〉 Compressed or uncompressed JSON string

〉 JSON Hash with mandatory fields:

〉 host, version, short_message, full_message, timestamp, level

〉 Additional custom fields start with an underscore

GELF (Graylog Extended Log Format)

7

Page 8: Monitoring with Graylog - a modern approach to monitoring?

Architecture

http://docs.graylog.org/en/1.2/pages/architecture.html#bigger-production-setup 8

Page 9: Monitoring with Graylog - a modern approach to monitoring?

Message Processing

http://docs.graylog.org/en/1.2/pages/streams.html#how-are-streams-processed-internally 9

Page 10: Monitoring with Graylog - a modern approach to monitoring?

〉 Are written in Java

〉 Nearly all parts of Graylog are extensible

〉 Inputs

〉 Outputs

〉 Services

〉 Alarm callbacks

〉 Filters

〉 REST API resources

〉 Periodical tasks

Plugins

10

Page 11: Monitoring with Graylog - a modern approach to monitoring?

Hands on: Demo

Page 12: Monitoring with Graylog - a modern approach to monitoring?

Overview

Collectd Logstash Graylog

OpsGenie

ElasticSearch

Logstorage

Simple Python Script

Alarming

Page 13: Monitoring with Graylog - a modern approach to monitoring?

〉 Only one index for all messages

〉 Same named fields have to have the same semantics

〉 Rudimentary graphs

〉 No interactive zooming

〉 Rudimentary alarming configuration

〉 High configuration effort to get “per-host” monitoring

〉 But you can do it via a REST-API!

Conclusion

13

Page 14: Monitoring with Graylog - a modern approach to monitoring?

Q&A

Page 15: Monitoring with Graylog - a modern approach to monitoring?

Thank You!

Christoph Petrausch

IT Engineering & Operations

inovex GmbH

Ludwig-Erhard-Allee 6

76131 Karlsruhe (GER)

[email protected]

CC BY-NC-ND inovex.de


A Modern Approach to Performance Monitoring

A Modern Approach to Performance Monitoring

Internet
TANS, DEQ Website, and Modern Real-time Monitoring · Modern Real-time Monitoring • Old school vs. New school: Grab sampling and Automated sampling • Modern monitoring techs –

TANS, DEQ Website, and Modern Real-time Monitoring · Modern Real-time Monitoring • Old school vs. New school: Grab sampling and Automated sampling • Modern monitoring techs –

Documents
Monitoring Applications with Monitoring Studio X · 2019-04-30 · Modern Web UI Monitoring templates deployment in TrueSight limited to 3 simple steps. Mass Deployment Monitoring

Monitoring Applications with Monitoring Studio X · 2019-04-30 · Modern Web UI Monitoring templates deployment in TrueSight limited to 3 simple steps. Mass Deployment Monitoring

Documents
Modern Network Monitoring for the Rest of Us - AusNOG · Modern Network Monitoring for the Rest of Us ... Push vs Pull 6. CC-BY AusNOG 2017 Time Series 7. ... Monitoring Strategy

Modern Network Monitoring for the Rest of Us - AusNOG · Modern Network Monitoring for the Rest of Us ... Push vs Pull 6. CC-BY AusNOG 2017 Time Series 7. ... Monitoring Strategy

Documents
Power Monitoring in the Modern Building and Harmonic Problems

Power Monitoring in the Modern Building and Harmonic Problems

Documents
Modern Structural Monitoring Systems for High-Rise and ... · Modern Structural Monitoring Systems for High-Rise and Unique Buildings Andrey SHAKHRAMANYAN*, Joost KUCKARTZ*, Yuri

Modern Structural Monitoring Systems for High-Rise and ... · Modern Structural Monitoring Systems for High-Rise and Unique Buildings Andrey SHAKHRAMANYAN*, Joost KUCKARTZ*, Yuri

Documents
Webinar usando graylog para la gestión centralizada de logs

Webinar usando graylog para la gestión centralizada de logs

Software
Monitoring of Concrete Bases of Wind Turbines with Modern ... · Monitoring of Concrete Bases of Wind Turbines with Modern Inclinometers: Approaches and Experience Boris RESNIK, Germany

Monitoring of Concrete Bases of Wind Turbines with Modern ... · Monitoring of Concrete Bases of Wind Turbines with Modern Inclinometers: Approaches and Experience Boris RESNIK, Germany

Documents
Modern Monitoring - devops roadtrip

Modern Monitoring - devops roadtrip

Technology
Graylog manhdv v1.5

Graylog manhdv v1.5

Technology
MODERN METHODS OF MONITORING …efcweb.org/efcweb_media/Downloads/EFC.../PCristiani+1.pdf · MONITORING BIOCORROSION 1 ELECTROCHEMICAL MONITORING ... on Biologically influenced Corrosion,

MODERN METHODS OF MONITORING …efcweb.org/efcweb_media/Downloads/EFC.../PCristiani+1.pdf · MONITORING BIOCORROSION 1 ELECTROCHEMICAL MONITORING ... on Biologically influenced Corrosion,

Documents
Modern Monitoring - devopsdays Cuba

Modern Monitoring - devopsdays Cuba

Technology
Graylog Documentation - Read the Docs · 2019. 4. 2. · Graylog Documentation, Release 1.1.6 Highly available setup with Graylog Radio Beginning with Graylog 1.0 on, we no longer

Graylog Documentation - Read the Docs · 2019. 4. 2. · Graylog Documentation, Release 1.1.6 Highly available setup with Graylog Radio Beginning with Graylog 1.0 on, we no longer

Documents
Edge 2014: A Modern Approach to Performance Monitoring

Edge 2014: A Modern Approach to Performance Monitoring

Technology
11 - Modern Water Monitoring overview_Sept 15

11 - Modern Water Monitoring overview_Sept 15

Presentations & Public Speaking
Graylog (GIM) Schema

Graylog (GIM) Schema

Documents
Performance and Energy Monitoring Tools for Modern ... · Performance and Energy Monitoring Tools for Modern Processor Architectures LuísFilipeMatalotoTaniça Thesis to obtain the

Performance and Energy Monitoring Tools for Modern ... · Performance and Energy Monitoring Tools for Modern Processor Architectures LuísFilipeMatalotoTaniça Thesis to obtain the

Documents
Performance monitoring als component van een modern overheidsmanagement

Performance monitoring als component van een modern overheidsmanagement

Documents
Employee Monitoring in the Modern Workplace - · PDF fileEmployee Monitoring in the Modern Workplace ... encounter many challenges, which can be effectively overcome thanks to monitoring

Employee Monitoring in the Modern Workplace - · PDF fileEmployee Monitoring in the Modern Workplace ... encounter many challenges, which can be effectively overcome thanks to monitoring

Documents
Graylog Engineering - Design Your Architecture

Graylog Engineering - Design Your Architecture

Technology
Modern prediction methods in the monitoring process of ... · Modern prediction methods in the monitoring process of security parameters MARIUS DARIE1, SORIN BURIAN2, JEANA IONESCU3,

Modern prediction methods in the monitoring process of ... · Modern prediction methods in the monitoring process of security parameters MARIUS DARIE1, SORIN BURIAN2, JEANA IONESCU3,

Documents
Development and Use of Modern Technologies in Monitoring ... 4... · Development and Use of Modern Technologies in Monitoring Control Sultan Al-Sultan Akita Prefectural University-Japan

Development and Use of Modern Technologies in Monitoring ... 4... · Development and Use of Modern Technologies in Monitoring Control Sultan Al-Sultan Akita Prefectural University-Japan

Documents
Mastering major CSDE upgrade · 2017-12-18 · the monitoring system is completely rebuilt and new subsystems are integrated into it: Zabbix and Graylog - for centralized storing

Mastering major CSDE upgrade · 2017-12-18 · the monitoring system is completely rebuilt and new subsystems are integrated into it: Zabbix and Graylog - for centralized storing

Documents
Modern Monitoring and processing logs

Modern Monitoring and processing logs

Software
Waste Hydrogen Pipelines Monitoring in Modern Power Plant

Waste Hydrogen Pipelines Monitoring in Modern Power Plant

Documents
The Essential Guide to Modern Network Monitoring

The Essential Guide to Modern Network Monitoring

Documents
Modern Lessons in Security Monitoring

Modern Lessons in Security Monitoring

Technology
monitoring Linux And Windows Logs With Graylog Collector · Monitoring Linux and Windows Logs with Graylog Collector Bernd Ahlers ... Getting insight & collecting business metrics

monitoring Linux And Windows Logs With Graylog Collector · Monitoring Linux and Windows Logs with Graylog Collector Bernd Ahlers ... Getting insight & collecting business metrics

Documents
Modern Network Traffic Monitoring - ITNOG

Modern Network Traffic Monitoring - ITNOG

Documents
Graylog Documentation - Read the Docs · 3 Configuring and tuning ... • graylog-servernodes should have a focus on ... •MongoDB is only being used to store configuration and

Graylog Documentation - Read the Docs · 3 Configuring and tuning ... • graylog-servernodes should have a focus on ... •MongoDB is only being used to store configuration and

Documents