Upgrade to PRO for Only $50/Year—Limited-Time Offer! 🔥

Kibana4でいろんなデータを見てみよう

Avatar for Jun Ohtani Jun Ohtani
April 13, 2015
Technology
0
4.5k

 Kibana4でいろんなデータを見てみよう

JJUG CCC 2015 Springでの発表資料です。

Kibana4についてはデモを行ったため説明は少ないです。

Avatar for Jun Ohtani

Jun Ohtani

April 13, 2015
Tweet

More Decks by Jun Ohtani

See All by Jun Ohtani
Elastic Stackでマイクロサービス運用を
楽にするには? / Monitoring Microservices with Elastic Stack
Avatar for Jun Ohtani johtani
5
3k
様々なメトリクスやログを集めてシステム解析 - Elastic Stackの入門と活用 - / Getting started Elastic Stack for logging/metrics
Avatar for Jun Ohtani johtani
4
1.1k
え?SQLで入門?する
 ElasticsearchとElastic Stack / Getting started Elastic Stack with SQL
Avatar for Jun Ohtani johtani
4
1.1k
Elastic Stack 入門 2018.09 / Getting started Elastic Stack 2018.09
Avatar for Jun Ohtani johtani
3
2.9k
What's new in Elastic Stack 6.3
Avatar for Jun Ohtani johtani
2
2.2k
Elastic Stackで始めるJavaアプリのパフォーマンス監視 / Intro Elastic Stack and Elastic APM Java
Avatar for Jun Ohtani johtani
5
2.5k
様々なメトリクスやログを集めてシステム解析 
- Elastic Stackの入門と活用 - / Intro Elastic Stack
Avatar for Jun Ohtani johtani
0
150
Intro Elastic Stack at Telemetry WG
Avatar for Jun Ohtani johtani
0
260
What's new in Elastic Stack 6.1?
Avatar for Jun Ohtani johtani
0
690

Other Decks in Technology

See All in Technology
Edge AI Performance on Zephyr Pico vs. Pico 2
Avatar for misoji engineer iotengineer22
0
110
Agentic AI Patterns and Anti-Patterns
Avatar for Guillaume Laforge glaforge
1
200
生成AI・AIエージェント時代、データサイエンティストは何をする人なのか?そして、今学生であるあなたは何を学ぶべきか?
Avatar for kuri8ive kuri8ive
2
2.1k
生成AIでテスト設計はどこまでできる? 「テスト粒度」を操るテーラリング術
Avatar for ks shota_kusaba
0
500
Ruby で作る大規模イベントネットワーク構築・運用支援システム TTDB
Avatar for Taketo Takashima taketo1113
1
200
Debugging Edge AI on Zephyr and Lessons Learned
Avatar for misoji engineer iotengineer22
0
120
5分で知るMicrosoft Ignite
Avatar for Taiji HAGINO taiponrock
PRO
0
210
バグハンター視点によるサプライチェーンの脆弱性
Avatar for morioka12 scgajge12
3
1k
エンジニアリングマネージャー はじめての目標設定と評価
Avatar for d-haru halkt
0
250
乗りこなせAI駆動開発の波
Avatar for Ikko Eltociear Ashimine eltociear
1
990
直接メモリアクセス
Avatar for KOBA789 koba789
0
280
MapKitとオープンデータで実現する地図情報の拡張と可視化
Avatar for ZOZO Developers zozotech
PRO
1
120

Featured

See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
Avatar for Tammy Everts tammyeverts
55
3.1k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
359
30k
Thoughts on Productivity
Avatar for Jon Yablonski jonyablonski
73
5k
jQuery: Nuts, Bolts and Bling
Avatar for Doug Neiner dougneiner
65
8.2k
Code Review Best Practice
Avatar for Trisha Gee trishagee
74
19k
Six Lessons from altMBA
Avatar for Skipper Chong Warson skipperchong
29
4.1k
Faster Mobile Websites
Avatar for Dean Hume deanohume
310
31k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.7k
Why You Should Never Use an ORM
Avatar for John Nunemaker jnunemaker
PRO
61
9.6k
The Illustrated Children's Guide to Kubernetes
Avatar for Chris Short chrisshort
51
51k
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
Avatar for Kevin Liebholz kevinliebholz
36
6.2k
Designing Experiences People Love
Avatar for Jonathan Moore moore
143
24k

Transcript

  1. ͍ΖΜͳσʔλΛKibana4ͰݟͯΈΑ͏ Jun Ohtani @johtani 2015/04/11

  2. None

  3. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 3 about • Me, Jun Ohtani / Technical Adovocate – lucene-gosenίϛολʔ – ElasticSearch Server೔ຊޠ൛ͷ຋༁ – elasticsearch-extended-analysisͷ։ൃ – http://blog.johtani.info • Elasticsearch, founded in 2012 – Products: Elasticsearch, Logstash, Kibana, Marvel
 Professional services: Support & development subscriptions – Trainings

  4. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 4 ΞδΣϯμ • ELK stack঺հ • Logstash • Elasticsearch • Kibana • ϢʔεέʔεʴσϞ • ΞΫηεϩά • Twitter Stream • …

  5. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 5 ELK stack ELK stack

  6. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 6 ELK stack Data Import/Parse/ Export Store/Search Visualize

  7. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 7 ELK stack Import/Parse/ Export Store/Search Visualize Data

  8. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 8 Logstash Logstash

  9. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 9 Logstash in 10 seconds • ϩάɾσʔλͷऩूɾ؅ཧ • ऩूɺύʔεɾՃ޻ɺૹग़ • ΦʔϓϯιʔεɿApache License 2.0 • Ruby app (JRuby) • ࠷৽൛ɿ1.4.2 or 1.5.0 RC2

  10. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 10 Logstash architecture Logstash Input Output Filter ? ? collect  and  split alter  and  enrich store  and  visualize

  11. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 11 ઃఆαϯϓϧ input  {          file  {                  path  =>  "/Users/johtani/demo_access_log/*/*.log"          }   }   filter  {          grok  {                  match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          }   }   output  {          elasticsearch  {  host  =>  "localhost"  }   }

  12. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 12 ઃఆαϯϓϧ input  {          file  {                  path  =>  "/Users/johtani/demo_access_log/*/*.log"          }   }   filter  {          grok  {                  match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          }   }   output  {          elasticsearch  {  host  =>  "localhost"  }   }

  13. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 13 ઃఆαϯϓϧ input  {          file  {                  path  =>  "/Users/johtani/demo_access_log/*/*.log"          }   }   filter  {          grok  {                  match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          }   }   output  {          elasticsearch  {  host  =>  "localhost"  }   }

  14. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 14 ઃఆαϯϓϧ input  {          file  {                  path  =>  "/Users/johtani/demo_access_log/*/*.log"          }   }   filter  {          grok  {                  match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          }   }   output  {          elasticsearch  {  host  =>  "localhost"  }   }

  15. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 15 μ΢ϯϩʔυͱىಈ $ wget https://download.elastic.co/... $ tar -xf logstash-1.5.0-rc2.tar.gz $ ./bin/logstash -e 'input { stdin{}} output {stdout{}}' ... Logstash startup completed ... Also puppet modules and RPM/DEB

  16. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 16 ELK stack Import/Parse/ Export Store/Search Visualize Data

  17. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 17 Elasticsearch Elasticsearch

  18. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 18 ϑϦʔϫʔυݕࡧ

  19. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 19 ߜΓࠐΈ

  20. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 20 ϋΠϥΠτ

  21. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 21 ιʔτ

  22. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 22 ϖʔδϯά

  23. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 23 ूܭ

  24. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 24 αδΣετ

  25. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 25 Elasticsearch in 10 seconds • εΩʔϚϑϦʔɺ෼ࢄυΩϡϝϯτετΞɺREST & JSON • Φʔϓϯιʔε: Apache License 2.0 • ઃఆͳ͠Ͱ؆୯ʹࢼ͢͜ͱ͕Մೳ • JavaͰ࣮૷ɻ֦ு΋༰қ

  26. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 26 μ΢ϯϩʔυͱىಈ $ wget https://download.elastic.co/... $ tar -xf elasticsearch-1.5.1.tar.gz $ ./elasticsearch-1.5.1/bin/elasticsearch ... [2015-04-10 10:02:17,278][INFO ][node] [Joseph] started ... Also puppet modules and RPM/DEB

  27. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 27 ELK stack Data Import/Parse/ Export Store/Search Visualize

  28. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 28 Kibana Kibana

  29. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 29 ࢖ͬͯ·͔͢ʁ Kibana3࢖ͬͯ·͔͢ʁ

  30. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 30 Kibana3

  31. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 31 Kibana3ʁ ·ͩKibana3࢖ͬͯΔΜͰ͔͢ʁ

  32. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 32 Kibana4 Kibana4

  33. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 33 ίϯηϓτ • σʔλΛ୳ࡧ • ୳ࡧͨ͠σʔλ͔ΒάϥϑΛ࡞੒ • άϥϑΛ૊Έ߹ΘͤͯμογϡϘʔυ࡞੒

  34. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 34 μ΢ϯϩʔυˍىಈ $ wget https://download.elastic.co/kibana… $ tar -xf kibana-4.0.2-darwin-x64.tar.gz $ ./kibana-4.0.2-darwin-x64/bin/kibana ... {"@timestamp":"2015-04-10T13:26:53.673Z","level":"info", "message":"Found kibana index","node_env":"production"} {"@timestamp":"2015-04-10T13:26:53.785Z","level":"info", "message":"Listening on 0.0.0.0:5601","node_env":"production"} ...

  35. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 35 ॳظը໘ http://localhost:5601/ ʹΞΫηε

  36. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 36 Discover • σʔλͷ୳ࡧΛߦ͏ը໘ • ͲΜͳϑΟʔϧυ͕͋Δ͔ • ݕࡧର৅ͷϑΟʔϧυɺσʔλͷछผ͕Θ͔Δ • ݕࡧͨ݁͠Ռ͸ͲΜͳσʔλ͔ • ݕࡧ৚݅ͷอଘ • ݕࡧ݁ՌͷΤΫεϙʔτ

  37. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 37 Visualize • ݕࡧ݁ՌΛݩʹάϥϑΛ࡞੒ • άϥϑͷλΠϓΛબ୒ • Y࣠ɺX࣠ͷબ୒ • Sub Aggregationͷબ୒ • άϥϑͷอଘ

  38. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 38 Dashboard • อଘͨ͠άϥϑΛ഑ஔɺϦαΠζ • μογϡϘʔυͷอଘɺڞ༗ • άϥϑͷ֤छ৘ใͷදࣔ – Table – Request – Response – Statistics

  39. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 39 Kibana3ͱͷҧ͍ • ෳ਺ͷΠϯσοΫεͷάϥϑΛ1ͭͷμογϡϘʔυʹ • ҟͳΔϑΟʔϧυͷ஋ΛҰͭͷάϥϑʹ • σʔλͷΤΫεϙʔτ • ݕࡧ৚݅ͷอଘ • Aggregation͕ར༻Մೳ

  40. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 40 ΞΫηεϩά ϢʔεέʔεɿΞΫηεϩά

  41. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 41 Dashboard

  42. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 42 ELK stack Data Import/Parse/ Export Store/Search Visualize

  43. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 43 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  44. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 44 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  45. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 45 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  46. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 46 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  47. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 47 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  48. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 48 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  49. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 49 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  50. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 50 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  51. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 51 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  52. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 52 ΞΫηεϩάʁ 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /phpMyAdmin/scripts/ setup.php HTTP/1.1" 404 290 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /pma/scripts/setup.php HTTP/1.1" 404 283 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:35 +0900] "GET /myadmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 75.126.xx.xx - - [02/Dec/2014:01:40:36 +0900] "GET /MyAdmin/scripts/ setup.php HTTP/1.1" 404 287 "-" "ZmEu" 62.210.xx.xx - - [02/Dec/2014:04:19:17 +0900] "GET /admin/config.php HTTP/1.1" 404 278 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.15.3 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  53. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 53 ΞΫηεϩάɿLogstash Import/Parse/ Export Store/Search Visualize Data

  54. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 54 ઃఆɿinput input  {      file  {          path  =>  “/Users/johtani/sample/*_log"          start_position  =>  "beginning"      }   }

  55. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 55 1ߦ1σʔλ 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0"

  56. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 56 ઃఆɿfilter filter  {      grok  {          match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          break_on_match  =>  false      }      date  {          match  =>  ["timestamp",  "dd/MMM/YYYY:HH:mm:ss  Z"]          locale  =>  en      }      geoip  {  source  =>  ["clientip"]    }      useragent  {          source  =>  "agent"          target  =>  "useragent"      }   }

  57. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 57 ύʔε 189.120.xx.xx - - [02/Dec/2014:12:18:29 +0900] "GET /manager/html HTTP/ 1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0" {… "@timestamp": "2015-04-10T09:07:49.325Z", "clientip": "189.120.xx.xx", "ident": "-", "auth": "-", "timestamp": "02/Dec/2014:12:18:29 +0900", "verb": "GET", "request": "/manager/html", … "agent": "\"Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0\"" }

  58. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 58 ઃఆɿfilter filter  {      grok  {          match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          break_on_match  =>  false      }      date  {          match  =>  ["timestamp",  "dd/MMM/YYYY:HH:mm:ss  Z"]          locale  =>  en      }      geoip  {  source  =>  ["clientip"]    }      useragent  {          source  =>  "agent"          target  =>  "useragent"      }   }

  59. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 59 ೔෇ͷύʔε {… "@timestamp": "2015-04-10T09:07:49.325Z", … "timestamp": "02/Dec/2014:12:18:29 +0900", … } {… "@timestamp": "2014-12-02T03:18:29.000Z", … "timestamp": "02/Dec/2014:12:18:29 +0900", … }

  60. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 60 ઃఆɿfilter filter  {      grok  {          match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          break_on_match  =>  false      }      date  {          match  =>  ["timestamp",  "dd/MMM/YYYY:HH:mm:ss  Z"]          locale  =>  en      }      geoip  {  source  =>  ["clientip"]    }      useragent  {          source  =>  "agent"          target  =>  "useragent"      }   }

  61. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 61 IP͔ΒҢ౓ܦ౓ͳͲ෇༩ {… "clientip": "189.120.xx.xx", …} {… "clientip": "189.120.xx.xx", … "geoip": {        "ip":  “189.120.xxx.xxx”,   …          "country_name":  "Brazil",          "continent_code":  "SA",          "region_name":  "27",          "city_name":  "São  Paulo",          "latitude":  -­‐23.473299999999995,          "longitude":  -­‐46.66579999999999,   …

  62. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 62 ઃఆɿfilter filter  {      grok  {          match  =>  {  "message"  =>  "%{COMBINEDAPACHELOG}"  }          break_on_match  =>  false      }      date  {          match  =>  ["timestamp",  "dd/MMM/YYYY:HH:mm:ss  Z"]          locale  =>  en      }      geoip  {  source  =>  ["clientip"]    }      useragent  {          source  =>  "agent"          target  =>  "useragent"      }   }

  63. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 63 ϢʔβΤʔδΣϯτͷύʔε {… "agent": "\"Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0\"" …} {… "agent": "\"Mozilla/5.0 (Windows NT 5.1; rv:5.0) Gecko/20100101 Firefox/5.0\"" … "useragent": { "name": "Firefox", "os": "Windows XP", "os_name": "Windows XP", "device": "Other", "major": "5", "minor": "0" } …

  64. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 64 ઃఆɿoutput output  {    elasticsearch  {          host  =>  "localhost"          index  =>  “demo_access_log-­‐%{+YYYY.MM.dd}”    }   }  

  65. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 65 ΞΫηεϩάɿelasticsearch Import/Parse/ Export Store/Search Visualize Data

  66. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 66 Index template {… "order": 0, "template": "demo_access_log-*", "settings": { "index.number_of_replicas": "0", "index.number_of_shards": "2" }, "mappings": { … }, "aliases": {} }, …

  67. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 67 Index template {… "mappings": { "_default_": { "dynamic_templates": [ { "string_template": { "mapping": { "index": "not_analyzed", "type": "string" }, "match_mapping_type": "string", "match": "*" } } ], …

  68. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 68 σϞ for Kibana4 Access Log demo for Kibana4

  69. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 69 πΠʔτ ϢʔεέʔεɿπΠʔτ

  70. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 70 ઃఆɿinput input{      twitter{      consumer_key  =>  “…….”      consumer_secret  =>  “……………………."      oauth_token  =>  “……..-­‐…………………….”      oauth_token_secret  =>  “……………………"      keywords  =>  ["ࡩ",  "։Ֆ",  "Ֆݟ"]   }  

  71. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 71 ઃఆɿoutput output  {    elasticsearch  {          host  =>  "localhost"          index  =>  “twitter-­‐%{+YYYY.MM.dd}”    }   }  

  72. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 72 σϞ for Kibana4 Twitter Stream demo for Kibana4

  73. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 73 Git log ϢʔεέʔεɿGit log

  74. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 74 git-log2es • GitHubͰެ։͞ΕͯͨͷͰɺར༻ͯ͠Έͨ • https://github.com/Etsukata/git-log2es

  75. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 75 ؾ৅ிͷؾ৅σʔλ ϢʔεέʔεɿؾԹσʔλ

  76. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 76 Elasticsearchͷϩά ϢʔεέʔεɿElasticsearchͷϩά

  77. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 77 Elasticsearchษڧձ

  78. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 78 ࢀߟจݙ • Elasticsearch - The Definitive guide – http://www.elasticsearch.com/guide/en/elasticsearch/ guide/current/index.html • ॻ੶ – ElasticSearchServer೔ຊޠ൛
 αʔό/ΠϯϑϥΤϯδχΞ
 ɹཆ੒ಡຊɹϩάऩू

  79. www.elastic.co Copyright Elastic 2015 Copying, publishing and/or distributing without written

    permission is strictly prohibited 79 Q&A • Elasticsearch Document – http://www.elastic.co/guide/en/elasticsearch/ reference/current/index.html • Logstash Document – http://www.elastic.co/guide/en/logstash/current/ index.html • Kibana – http://www.elastic.co/guide/en/kibana/current/ index.html