Continuous improvement of your data to achieve better business decisions

This presentation gives a high level overview of using the ELK stack. In this presentation, you will learn how the ELK stack can help you make data driven decisions about how to run and grow your business.

This talk was originally presented at Mimacom Days Zurich.

Elasticsearch Inc

June 04, 2014

Transcript

  1. Copyright Elasticsearch 2014. Copying, publishing and/or distributing without written permission is strictly prohibited
    Continuous improvement of your data to achieve better business decisions
    Why we built the ELK stack
    Alexander Reelsen

    [email protected]

  2. Agenda

  3. Agenda
    • Introduction
      - The problem with data in your IT infrastructure
      - Why your current approach is flawed
    • The ELK stack
      - Logstash
      - Elasticsearch
      - Kibana & Marvel
    • Case Study
    • Summary

  4. Elasticsearch
    • Founded in 2012 in Amsterdam
    • Funded by Benchmark, Index Ventures and NEA Ventures
    • Distributed company
      - HQs in Amsterdam & Los Altos
      - Offices in Berlin, London & Phoenix
    • Revenue from trainings, support subscriptions & monitoring product
    • Employing experts in open source, search, logging & visualization

  5. Introduction

  6. What is the core asset of your company?
    • Ideas?
    • Patents?
    • Employees?
    • Customers?
    • Warehouse?
    • Software?
    • How do you decide where to invest?

  7. By using data!
    [Diagram: data lifecycle with the stages Store, Read, Enrich, Merge]

  8. Lots of data!
    • Product recommendations
    • Page views
    • Internet of Things
    • Social media
    • So, the more, the better? Sure, if...

  9. The promise of "Big Data"
    [Diagram: Create, Store, Insight]
    • Problem 1: Missing key factor: TIME
    • Problem 2: Merging different data sources
    • Problem 3: Storing the data does not lead to insights

  10. Correlation between time and event
    • The value of an event changes based on how quickly you can store and analyze it
    • Examples
      - Outage notification
      - Stock ticker value
      - Social media posts
      - Page views on frontpage (used for further ranking)
    [Chart: y-axis 0 to 100; x-axis April, May, June, July]

  11. Merging data sources
    • An event may increase its value if it is merged with different data
      - You just got your biggest order ever - what do you know about this customer?
      - Sudden traffic spike
      - Geo information from a mobile device when searching for a restaurant
      - Social media generated page views
      - Fraud detection for payments

  12. Storing data != insight
    • Writing terabytes of data does not by itself give you any value
    • SQL example: We are trained to normalize our data as well as possible, until we denormalize it again to counter performance issues
    • Data should never be optimised for writing, but always optimised for reading and information extraction.

  13. The data scientist fallacy
    • Result of a flawed IT infrastructure
    • Often doing someone else’s job
    • Human process of that graph
    • Gathering data != insights

  14. Do it yourself!
    • Why not let everyone create their own reports? Customized, straight to the point, near real-time
    • Requirements
      - Clean data to work on
      - Fast analysis chain
      - Easy to use front-end
    Meet the ELK stack

  15. The ELK stack

  16. The ELK stack
    [Diagram: data lifecycle with the stages Store, Read, Enrich, Merge]

  17. The ELK stack
    [Diagram: data lifecycle mapped to the stack: Store (Elasticsearch), Read (Kibana), Merge (Logstash), Enrich (Logstash)]

  18. The ELK stack
    [Diagram: pipeline stages Data, Logstash, Store/Search, Visualize]

  19. Logstash
    [Diagram: pipeline stages Data, Logstash, Store/Search, Visualize]

  20. Logstash
    • Managing events and logs
    • Collect data
    • Parse data
    • Enrich data
    • Store data
    • Open Source: Apache License 2.0

  21. Logstash
    Logstash architecture
    • Input: datastore, stream, log files, files, monitoring, queues, network
    • Filter: parse, enrich, tag, drop
    • Output: datastore, files, email, pager, monitoring, chat, API, queues

  22. Logstash
    Logstash architecture
    • Input: datastore, stream, log files, files, monitoring, queues, network
    • Filter: parse, enrich, tag, drop
    • Output: datastore, files, email, pager, monitoring, chat, API, queues
    • Enrichment example
      - Before the filter: ip: 141.1.1.1
      - After the filter: ip: 141.1.1.1, city: Zurich, country: CH

  23. Elasticsearch
    [Diagram: pipeline stages Data, Logstash, Store/Search, Visualize]

  24. Elasticsearch
    • Schema-free, REST & JSON based distributed search engine
    • Open Source: Apache License 2.0
    • Easy to understand, yet very powerful query language
      - Full text search (phrase, fuzzy)
      - Numeric search (support ranges, dates, ipv4 addresses)
      - Highlighting
      - Aggregations
      - Suggestions

  25. [Slide without text]

  26. Create knowledge from data
    • Orders
      - How many orders were created every day in the last month?
      - How many orders were created per country in the last month?
    • Money
      - What is the average revenue per shopping cart?
      - What is the average shopping cart size per order per hour?
    • Product portfolio
      - Take the location of people into account for special offers?
      - Analyze page views - premium or low-budget ecommerce site?

  27. Kibana
    [Diagram: pipeline stages Data, Logstash, Store/Search, Visualize]

  28. Kibana
    • Execute queries on your data & visualize results
    • Add/remove widgets
    • Share/Save/Load dashboards
    • Open Source: Apache License 2.0

  29. Kibana

  30. Kibana

  31. Kibana

  32. Kibana

  33. Kibana

  34. Marvel Overview

  35. Case Study

  36. Case Study: The Guardian
    • Ophan: In-house analytics software
    • Empower the organization
      - Give the entire organization real-time insight into audience engagement
      - Democratize analytics access for more than 500 users
      - Encourage a culture of exploration and innovation for all employees
    • Leverage real-time analytics
      - Easily query 360 million documents
      - See traffic for all content as it happens
      - Gain insight into how updates impact site traffic
    • http://www.elasticsearch.com/case-study/guardian/

  37. Case Study: The Guardian

  38. Case Study: The Guardian

  39. Case Study: The Guardian

  40. Case Study: The Guardian

  41. Summary

  42. Data driven decisions!
    • Do not create data silos. Free your data!
    • Make sure data is easy to query, not to store
    • Visualize
    • Give everyone the opportunity to query
    • Reiterate
    • Let the ELK stack help you to enable data driven decisions all across your company

  43. Thanks for listening!
    Q & A
    Alexander Reelsen
    @spinscale
    [email protected]
    P.S. We’re hiring
    http://elasticsearch.com/about/jobs
    http://elasticsearch.com/support