Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Measuring and Logging Everything in Real Time

Bastian Hofmann
June 16, 2015
Programming
2
150

Measuring and Logging Everything in Real Time

Do you know what is happening in your web application right now, this second, how many requests, logins, exceptions you have, how many and what data your users are generating and what the click through rate of each of your registration step is? Or do you know exactly which exception with which stack trace caused the error your users are seeing? If not, this talk will show how you can easily measure and log everything that happens in your application with the help of open source tools, such as Graphite, StatsD, Elasticsearch and Logstash, without influencing your production environment.

Bastian Hofmann

June 16, 2015
Tweet

More Decks by Bastian Hofmann

See All by Bastian Hofmann
Monitoring in Kubernetes with Prometheus and Grafana
bastianhofmann
0
260
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
85
Highly available cross-region deployments with Kubernetes
bastianhofmann
1
120
From source to Kubernetes in 30 minutes
bastianhofmann
0
120
Introduction to Kubernetes
bastianhofmann
1
140
CI/CD with Kubernetes
bastianhofmann
0
150
Creating a fast Kubernetes Development Workflow
bastianhofmann
1
240
Deploying your first Micro-Service application to Kubernetes
bastianhofmann
2
160
Creating a fast Kubernetes Development Workflow
bastianhofmann
0
160

Other Decks in Programming

See All in Programming
MetricKitで予期せぬ終了を検知する話 / Detect unexpected termination with MetricKit
nekowen
1
200
大規模Reactアプリのリアーキテクチャ~8万行のTanStack Query移行の軌跡~
kj455
4
1k
障害対応を起点としたもっといい開発と運用のサイクル作りのためにできること / Hatena Enginner Seminar #29
polamjag
0
400
パフォーマンスを求めてDBに機能を寄せる戦略
aoyagikouhei
0
110
Elm Form Validation
bkuhlmann
0
520
AppRouter Panel Talk
yosuke_furukawa
PRO
1
480
StoreKit2によるiOSのアプリ内課金のリニューアル
kangnux
0
130
検証も兼ねて個人開発でHonoとかと向き合った話
hanetsuki
1
1.3k
ServerAction で Progressive Enhancement はどこまで頑張れるか? / progressive-enhancement-with-server-action
takefumiyoshii
6
450
敵対的ポイフル
futabato
0
140
雑に思考を整理する技術と効能
konifar
64
30k
GraphQLサーバの構成要素を整理する #ハッカー鮨 #tsukijigraphql / graphql server technology selection
izumin5210
4
920

Featured

See All Featured
Designing for humans not robots
tammielis
247
25k
The Straight Up "How To Draw Better" Workshop
denniskardys
228
130k
Large-scale JavaScript Application Architecture
addyosmani
504
110k
The Illustrated Children's Guide to Kubernetes
chrisshort
32
46k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
226
51k
Building Better People: How to give real-time feedback that sticks.
wjessup
356
18k
Web development in the modern age
philhawksworth
203
10k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
26
2.3k
Thoughts on Productivity
jonyablonski
60
3.9k
Statistics for Hackers
jakevdp
790
220k
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
20
1.8k
Fireside Chat
paigeccino
22
2.6k

Transcript

  1. Measuring & Logging Everything in Real- Time @BastianHofmann

  2. Logging

  3. Measuring

  4. Many roads

  5. None
  6. None

  7. A few words about me

  8. None
  9. None

  10. Questions? Ask

  11. http://speakerdeck.com/u/bastianhofmann

  12. Logging

  13. For when something goes wrong

  14. server error log access log debug logs slow query log

    ...

  15. $ ssh my_simple_server

  16. $ tail -f error.log $ cat error.log | grep Exception

  17. Error Logs

  18. ErrorLog /var/logs/apache/error.log

  19. None

  20. HTTP Response Codes http://www.w3.org/Protocols/rfc2616/rfc2616- sec6.html

  21. None

  22. Log additional info

  23. Not only error codes

  24. Request Information

  25. Handling Notices, Warnings, Errors

  26. Access Logs

  27. 192.168.56.1 - - [09/Jul/2012:19:18:19 +0200] "GET /rg_trunk/webroot/c/af10c/ images/template/rg_logo_default.png HTTP/ 1.1"

    200 882 "http://devm/rg_trunk/webroot/ directory/publications/"

  28. LogFormat "%h %l %u %t \"%r\" %>s %b" custom CustomLog

    /var/logs/apache/access.log custom http://httpd.apache.org/docs/2.2/mod/ mod_log_config.html#logformat

  29. Log additional info

  30. Debug Logs

  31. Log in a structured way

  32. JSON http://www.ietf.org/rfc/rfc4627.txt

  33. FingersCrossed

  34. Logs from other services

  35. web server http service http service http service http service

    user request log log log log log

  36. Correlation / Tracing ID

  37. web server http service http service http service http service

    create unique trace_id for request user request trace_id trace_id trace_id trace_id log log log log log

  38. X-Trace-Id: bbr8ehb984tbab894

  39. web server http service http service http service http service

    create unique trace_id for request user request trace_id trace_id trace_id trace_id log log log log log
  40. None
  41. None
  42. None

  43. Aggregate the logs in a central place

  44. Make them easily full-text searchable

  45. Make them aggregate-able

  46. Always Log to file

  47. Directly to a database

  48. webserver webserver webserver DB

  49. Disadvantages

  50. Database is down?

  51. Database is slow?

  52. Database is full?

  53. How to integrate access logs?

  54. Influences application performance

  55. Frontend?

  56. Better solutions?

  57. Logstash + Elasticsearch + Kibana

  58. Full text search

  59. Structured Messages

  60. Always Log to file

  61. Logstash elasticsearch webserver webserver webserver AMQP log log log logstash

    logstash logstash

  62. logstash http://logstash.net/

  63. input filter output

  64. Very rich plugin system

  65. Logstash elasticsearch webserver webserver webserver AMQP log log log logstash

    logstash logstash

  66. input { file { type => "error" path => [

    "/var/logs/php/*.log" ] add_field => [ "severity", "error" ] } file { type => "access" path => [ "/var/logs/apache/*_access.log" ] add_field => [ "severity", "info" ] }

  67. filter{ grok { match => ["@source", "\/%{USERNAME:facility}\.log$"] } grok {

    type => "access" pattern => "^%{IP:OriginalIp} \s[a-zA-Z0-9_-]+\s[a-zA-Z0-9_-]+\s\[.*? \]\s\"%{DATA:Request}..." } }

  68. output { amqp { host => "amqp.host" exchange_type => "fanout"

    name => "logs" } }

  69. Logstash elasticsearch webserver webserver webserver AMQP log log log logstash

    logstash logstash

  70. input {
 rabbitmq {
 queue => "logs"
 host => "amqp.host"


    exchange => "ls_exchange"
 exclusive => false
 }
 }

  71. filter { grok {
 match => [
 'Type','EntityNotFoundException| TimeoutException'
 ]


    break_on_match => true
 add_tag => ['not_serious']
 tag_on_failure => ['serious']
 } }

  72. output {
 elasticsearch {
 embedded => false
 bind_host => "localhost"


    bind_port => "9305"
 host => "localhost"
 cluster => "logs"
 }
 }

  73. Kibana http://www.elasticsearch.org/overview/kibana/

  74. None

  75. Measuring

  76. For knowing what happens

  77. Technical Metrics

  78. Business Metrics

  79. Define your KPIs

  80. Graphite http://graphite.wikidot.com/

  81. webserver webserver webserver graphite UDP

  82. StatsD https://github.com/etsy/statsd/

  83. webserver webserver webserver graphite UDP statsd

  84. webserver webserver webserver statsd statsd statsd graphite aggregated UPD message

  85. webserver webserver webserver statsd statsd statsd graphite aggregated UPD message

    statsd

  86. Metric?

  87. Counters

  88. Timers

  89. Gauges

  90. None

  91. https://www.librato.com

  92. http://www.soasta.com/

  93. http://mashable.com/2010/10/13/etsy-office-pics/

  94. Anomaly detection

  95. http://codeascraft.com/2013/06/11/introducing-kale/

  96. Remember: Response Times

  97. Easiest approach: Get it out of the access log

  98. 192.168.56.1 - - [09/Jul/2012:19:18:19 +0200] "GET /rg_trunk/webroot/c/af10c/ images/template/rg_logo_default.png HTTP/ 1.1"

    200 882 "http://devm/rg_trunk/webroot/ directory/publications/"

  99. Is this actually what we want to measure?

  100. None

  101. External Resources CSS JavaScript Images Slow connections Slow Browsers SSL

    Handshakes DNS resolving

  102. That is what we want to measure!

  103. None

  104. Navigation Timing API https://developer.mozilla.org/en-US/docs/ Navigation_timing

  105. None

  106. Resource Timing API http://www.w3.org/TR/resource-timing/

  107. None

  108. https://github.com/lognormal/boomerang

  109. browser JS: boomerang logstash trackingServer access log requests tracking image

    with timing information as query parameters graphite statsd

  110. input {
 file {
 type => "pagespeed-access"
 path => [

    "/var/log/nginx/ access_log/monitoring-access.log" ]
 }
 }

  111. filter{
 grok {
 type => "pagespeed-access"
 pattern => "^.*\s\"[A-Z]+\s[^\?\s]+ \?page=%{DATA:page}\&connectTime=%

    {NUMBER:connectTime}...)?\sHTTP\/\d\.\d\".* $"
 }
 grok {
 type => "pagespeed-access"
 match => ["page", "^(profile| home|...)\.logged(In|Out)$"]
 exclude_tags => ["_grokparsefailure"]
 }
 }

  112. output { statsd { type => "pagespeed-access" exclude_tags => ["_grokparsefailure"]

    host => "localhost" port => 8126 namespace => "pagespeed" sender => "" timing => [ "%{page}.connect", "% {connectTime}", ... ] } }

  113. Profiling

  114. None
  115. None
  116. None
  117. None
  118. None

  119. Use it locally on your dev machine

  120. Use it in production for a subset of requests

  121. None
  122. None
  123. None
  124. None
  125. None
  126. None
  127. None
  128. None

  129. Use it in production for a subset of requests

  130. https://qafoolabs.com/

  131. https://blackfire.io/

  132. http://newrelic.com/

  133. http://twitter.com/BastianHofmann http://profiles.google.com/bashofmann http://lanyrd.com/people/BastianHofmann http://speakerdeck.com/u/bastianhofmann https://github.com/bashofmann https://www.researchgate.net/profile/Bastian_Hofmann/ [email protected]