GithubHelp home page GithubHelp logo

leodido / logs2metrics-talk Goto Github PK

View Code? Open in Web Editor NEW
5.0 4.0 4.0 5.78 MB

Companion code of the talk about extracting metrics from logs with the TICK stack

Home Page: https://speakerdeck.com/leodido/from-logs-to-metrics

Dockerfile 9.37% Go 90.63%
syslog chronograf-log-viewer telegraf tick-stack logging metrics observability talk influxdb

logs2metrics-talk's Introduction

Talk: From logs to metric with the TICK stack

Slides.

This repository contains the PoC associated with the talk "From logs to metric with the TICK stack".

Its main goal is to show how to extract (structured) value from the huge amount of (unstructured) information that logs contain.

In brief, the steps are as follows: parsing of syslog messages into structured data, ingesting/collecting them via Telegraf syslog input plugin, visualizing and plot them via Chronograf's log viewer, and eliciting new meaningful metrics (eg. number of process OOM killed) to plot processing them via a Kapacitor UDF.

The stack used to achieve this is:

Chronograf Log Viewer

Exploring RFC5425 syslog messages with Chronograf

Couting OOMs

Counting OOMs of stress pod

Setup

First of all we need a local k8s environment.

Let's proceed with minikube.

minikube start --docker-opt log-driver=journald

Note that we need the journald log driver for the inner docker since the rsyslog's mmkubernetes module only works with it (or with json-file docker log driver).

The following step is to become a YAML developer ๐Ÿ™‰ ๐Ÿ™Š, applying all the YAML files describing our setup.

YAML meme The life of a YAML developer

Assuming your minikube setup is capable of provisioning volumes, execute the following commands.

kubectl apply -f namespace.yaml
kubectl apply -f roles.yaml
kubectl apply -f influxdb.yaml
kubectl apply -f telelog.yaml
kubectl apply -f chronograf.yaml
kubectl apply -f kapacitor.yaml
kubectl apply -f stress.yaml

Finally to access Chronograf from within our local browser we need the following port forward.

kubectl port-forward svc/chronograf -n logging 8888:80

Go to localhost:8888 now!

Run with local up cluster

TBD.

Developing the Kapacitor UDF

File docker-compose.yaml is useful during the development and debugging of the Kapacitor UDF.

To make it working do not forget to forward the port of the influxdb within minikube.

kubectl port-forward svc/influxdb -n logging 8686:8686

Then run

docker-compose up -d

Other suitable docker log drivers

It is possible to use this with syslog docker log driver with following log options:

  • syslog-format=rfc5424micro
  • syslog-address=udp://1.2.3.4:1111 (telegraf syslog plugin)

In such case:

  • there is not need for rsyslog
  • telegraf syslog plugin in UDF mode (at the moment in TCP/TLS mode there is not way to disable octet framing requirement - ie., RFC5425)
  • syslog facility will be fixed (depending on the syslog-facility option)

TBD: create an alternative setup for this setup.

Analytics

logs2metrics-talk's People

Contributors

leodido avatar

Stargazers

avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

sandeepk17 voiprodrigo eoof randianb

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.