Skip to content

Latest commit

 

History

History
276 lines (197 loc) · 4.68 KB

source.md

File metadata and controls

276 lines (197 loc) · 4.68 KB
Raw

name: inverse class: center, middle, inverse layout: true

name: normal class: layout: true

class: center, middle

centralized application logging

WDCM

13.01.2014

template: inverse

Zentralisiert loggen

Warum will man das?

.left-column[ Zentralisiert loggen ]

.right-column[

  • Festplattenaktivität reduzieren / Cloud-Server

  • Einheitliches Interface

  • Filter + Aggregation + Visualisierung + Alerts

  • SOA: Nutzeraktivitäten über eine Vielzahl von Services hinweg nachverfolgen

]

template: inverse

Graylog

template: normal

Was ist Graylog2

.left-column[ O-Ton ] .right-column[

Centralize all your log messages

  • Collect terabytes of log messages

  • Process in real-time

  • Search and analyze in seconds ]

Wer ist Graylog2

  • Deutsches Startup (Hamburg)

2013 - Seed finanziert e.ventures, HTGF, Hasso Plattner und Atlantic Capital

  • OpenSource (GPL) + Kommerzieller Support

  • Java

  • Aktuell: Version 0.92 (1.0.0 beta)
    3200 Commits
    1100 Stars auf Github
    seit ca. 2010

.left-column[ Komponenten ] .right-column[

  • Graylog2-Server
  • Graylog2-Web
  • Inputs
  • ElasticSearch + MongoDB

]

Integrationen

https://www.graylog2.org/supported-sources

.column-list[

  • .NET/log4net (gelf4net)

  • .NET/NLog (Gelf4NLog)

  • .NET/NLog (NLog.GelfLayout)

  • Apache AccessLog

  • APC MGE

  • Audit Daemon

  • AWS CloudTrail beta

  • Bind9 Query Log

  • C++ (gelf4cplus)

  • Cisco Catalyst

  • Clavister Firewalls

  • Cocoa/mObjective-C (MCGraylog)

  • Dropwizard (dropwizard-gelf)

  • Erlang/lager (erl_graylog_sender)

  • Erlang/lager (lager_graylog_backend)

  • Go (go-gelf)

  • Go (gomaplog)

  • Go (graylog-golang)

  • HAProxy

  • HAProxy HTTP Logs

  • HAProxy HTTP logs

  • Heroku

  • hubot (hubot-graylog-transcript)

  • Java (gelfclient)

  • Java/Log4j (gelf4j)

  • Java/Log4j (gelfj)

  • Java/Log4j 2 (log4j2-gelf)

  • Java/Logback (logback-gelf)

  • Java/tinylog (tinylog-gelf)

  • Juniper ScreenOS

  • MAC Address

  • MongoDB

  • NetApp

  • nginx

  • node.js (gelf-node)

  • node.js (graygelf)

  • node.js (log4js-node)

  • node.js (node-gelf-pro)

  • node.js (node-graylog)

  • node.js/Bunyan (gelf-stream)

  • node.js/Bunyan (messina)

  • Oracle Database 11.2g

  • Palo Alto Firewalls

  • Pam and Crond

  • Perl/Log4perl (log4perl_gelf)

  • Perl/Log4perl (Net-Graylog-Client)

  • pfSense

  • PHP (gelf-php)

  • PHP/log4php (log4php-graylog2)

  • PHP/Monolog (Monolog GelfHandler)

  • Postfix

  • Puppet

  • Python (gelfHandler)

  • Python (graypi)

  • Python (pygelf)

  • Python (python-gelfclient)

  • RabbitMQ

  • Redis

  • Resque (graylog2-resque)

  • Ruby (gelf-rb)

  • Ruby/Rack (graylog2_exceptions)

  • Ruby/Yell (yell-adapters-gelf)

  • Sidekiq (sidekiq-gelf)

  • Snort

  • Squid

  • SSH daemon

  • Sudo Command

  • systemd (journal2gelf)

  • systemd (SystemdJournal2Gelf)

  • Ubuntu Linux UFW firewall log values

  • syslog-ng

  • rsyslog

  • GELF over HTTP

]

template: inverse

Live-Demo

???

http://ec2-54-93-59-43.eu-central-1.compute.amazonaws.com/

logger --priority local0.info "Hello World"

curl -XPOST localhost:12201/gelf -p0 -d '{"short_message":"Hello there", "host":"example.org", "facility":"test", "_foo":"bar"}' -v

template: normal

Installation

.left-column[

Manuell

] .right-column[

.left-column[

Automatisch

CM-Pakete direkt angeboten ] .right-column[

Alternativen

.left-column[ Zentralisiert loggen ]

.right-column[

  • OpenSource
    • ELK (ElasticSearch, Logstash, Kibana)
    • Splunk
    • Fluentd
  • Hosted
    • Papertrail
    • NewRelic
  • Mehr, Noch mehr

]

template: inverse

Fin.

Stefan Wienert

pludoni GmbH

@stefanwienert / github.com/zealot128

Ansible Playbook Demo-Server