Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Elasticsearch 在智能运维领域的运用

Avatar for medcl medcl
January 20, 2018
Technology
350
0

Elasticsearch 在智能运维领域的运用

分享Elasticsearch和X-Pack组件在智能运维领域的技术原理和应用实践,如非监督型机器学习在自动的异常检测、高级关联和分类、根源问题诊断、早期故障预测等方面的应用等。

Avatar for medcl

medcl

January 20, 2018

More Decks by medcl

See All by medcl
Elastic Stack- Past, Present, & Future
Avatar for medcl medcl
0
61
A Spider Written in Golang
Avatar for medcl medcl
1
82
又一个爬虫
Avatar for medcl medcl
0
99
Introduction to Beats and extending Beats
Avatar for medcl medcl
0
110
Elasticsearch & Bigdata
Avatar for medcl medcl
2
230
Elastic Stack V5
Avatar for medcl medcl
0
110
Elastic Stack V5
Avatar for medcl medcl
0
79
基于Elastic Stack的数据探索与分析@QConBeijing2016
Avatar for medcl medcl
1
440
Introduction to Elasticsearch @ FOSSASIA2016
Avatar for medcl medcl
0
7.6k

Other Decks in Technology

See All in Technology
20260528_生成AIを専属DSに_Howの次にすべきことを考える
Avatar for NobuakiOshiro doradora09
PRO
0
280
AI駆動開発が変える、大規模開発の前提 ーHuman in the Loop から Human on the Loop へ / AIE2026
Avatar for Visional Engineering & Design visional_engineering_and_design
2
750
サプライチェーンセキュリティの空白地帯 - 信頼できる”依存性”の未来を考える
Avatar for Hiroki Suezawa (@rung) rung
PRO
2
620
さきさん文庫の書籍ができるまで
Avatar for H.Saki sakiengineer
0
330
Gradle×GitHub_ActionsでCI時間を約50%短縮 ジョブ分割の設計と落とし穴 / Cutting CI Time by ~50% with Gradle and GitHub Actions: Job-Splitting Design and Pitfalls
Avatar for 冨澤宝斗 takatty
0
580
オンコールの負荷軽減のためのBits Assistant 活用方法 / How to Use Bits Assistant to Reduce the Workload on On-Call Staff
Avatar for SMS tech sms_tech
1
370
先取りMaven4 ~16年ぶりのメジャーアップデート、その進化とは?~
Avatar for 荻原利雄 ogiwarat
0
120
Claude Codeですべての日常業務を爆速化しよう!
Avatar for みのるん minorun365
PRO
17
16k
AIを「創る」と「使う」の循環 — HRテックが実践するリアルなAI組織実装
Avatar for Taketo Sasaki taketo957
0
150
Cloud Run のアップデート 触ってみる&紹介
Avatar for Gre212 gre212
0
290
Java正規表現エンジン(NFA)の仕組みと パフォーマンスを維持するための最適化手法
Avatar for 竹内 雅和 takeuchi_132917
0
170
大学生が本気でDatabricksを活用してDiscordサークルをデータ駆動させてみた
Avatar for Kazuki Date phantomjuju
1
320

Featured

See All Featured
Have SEOs Ruined the Internet? - User Awareness of SEO in 2025
Avatar for Akash Hashmi akashhashmi
0
360
Leveraging LLMs for student feedback in introductory data science courses - posit::conf(2025)
Avatar for Mine Cetinkaya-Rundel minecr
1
270
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
Avatar for Christian Goodrich cargoodrich
3
720
It's Worth the Effort
Avatar for 3n 3n
188
29k
Save Time (by Creating Custom Rails Generators)
Avatar for Garrett Dimon garrettdimon
PRO
32
3.3k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.6k
Jess Joyce - The Pitfalls of Following Frameworks
Avatar for Tech SEO Connect techseoconnect
PRO
1
160
Unlocking the hidden potential of vector embeddings in international SEO
Avatar for Frank van Dijk frankvandijk
0
830
Evolving SEO for Evolving Search Engines
Avatar for Ryan Jones ryanjones
0
210
Learning to Love Humans: Emotional Interface Design
Avatar for Aarron Walter aarron
275
41k
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
41
2.5k
How Fast Is Fast Enough? [PerfNow 2025]
Avatar for Tammy Everts tammyeverts
3
590

Transcript

  1. Elasticsearch 在智能运维领域的运用 Elastic 技术专家 曾勇

  2. 什么是智能运维?

  3. None

  4. 人工智能!

  5. 落地!

  6. 我们具体聊聊运维的痛点!

  7. 服务器器、硬件、⽹网络 …

  8. 软件、服务、代码…

  9. 传感器器、设备、物联⽹网… Image Credit: https://www.flickr.com/photos/teco_kit/23908928999

  10. 每时每刻产⽣生⼤大量量的…

  11. 事件、⽇日志…

  12. Metrics、指标…

  13. 期望得到的…

  14. 报表…

  15. 异常…

  16. 告警…

  17. 因为…

  18. Improve Uptime Stability Visibility Reduce Errors Downtime Time to Resolution

  19. 你需要…

  20. 所有这些. Unstructured Machine Learning Query language Fast Highly available Secure

    Enrichment Advanced Analytics Dashboards Scalable Alerting SaaS Log correlation APIs Visualizations Real-time Drill down Reports Data sources

  21. Elastic 提供 所有这些. Unstructured Machine Learning Query language Fast Highly

    available Secure Enrichment Advanced Analytics Dashboards Scalable Alerting SaaS Log correlation APIs Visualizations Real-time Drill down Reports Data sources

  22. Elastic 为什什么不不⼀一样?

  23. ⽤用户⽆无处不不在

  24. LOG MANAGEMENT MOBILE APM SYSTEM MONITORING TIME SERIES WEB MONITORING

    ANOMALY DETECTION Elastic 不不在 <Gartner 魔⼒力力象限> 尽管

  25. Search Analytics Numbers Text Logs Historical Metrics Real time Heuristic

    Machine Learning 多样性 才是我们的⻓长处 不不过

  26. 回到话题

  27. 运维之监控! •  监控指标的收集 •  监控数据的存储 •  监控数据的分析 •  监控数据的告警

  28. 运维之监控! •  监控数据的存储 •  监控数据的分析 •  监控数据的告警

  29. Metricbeat, Filebeat, Auditbeat & Logstash System •  Linux •  MacOS

    •  Windows •  Perfmon Custom apps •  JMX/Jolokia •  PHP-FPM •  Golang •  Dropwizard Storage •  Ceph Cloud •  AWS •  GCP •  DigitalOcean Queues •  Redis •  Kafka •  RabbitMQ Security •  ArcSight Caches •  Memcached Containers •  Docker •  Kubernetes Virtualization •  vSphere Datastores •  MySQL •  PostgreSQL •  MongoDB •  Couchbase •  Aerospike Network •  Netflow •  Packets Web servers •  Apache •  Nginx Other •  HAProxy •  Zookeeper •  Prometheus •  Graphite •  Icinga … …

  30. 运维之监控! •  监控数据的分析 •  监控数据的告警

  31. 运维之监控! •  监控数据的分析

  32. 运维之监控! 人工智能 亦或 只能人工

  33. 也还行, 也就几千个指标! CPU Metrics

  34. 也还行, 也就几千个指标! 几万? CPU Metrics

  35. None

  36. Elastic Stack 可采集海量指标 •  爆炸!

  37. ELASTIC 的人工智能,智能运维。

  38. ELASTIC 的人工智能,智能运维。 ELASTIC 的机器学习。

  39. 先看看监控数据 •  三大类 – Logging – Tracing info – Metrics

  40. 都是时序型数据!

  41. 什么是时序型数据?

  42. 为什么使用时序型数据?

  43. 为什么使用时序型数据?

  44. Bucketing

  45. Bucket 的选择

  46. 监督型机器学习。

  47. 非监督型机器学习。

  48. 时序型指标 特征化,模型化!

  49. 让机器去帮你 监控海量指标,发现异常!

  50. DEMO

  51. 总结 •  运维已进入精细化智能化时代 •  AI 不会让运维失业 •  让机器做机器擅长的 •  Elastic

    让运维分析更简单
  52. None

  53. IT-OPS-KPI

  54. IT-OPS-NETWORK

  55. IT-OPS-SQL

  56. 关联分析