Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Logs hunting
Search
Olivier Dolbeau
April 09, 2015
Programming
1
2.9k
Logs hunting
Talk given at sfLive 2015 Paris
Olivier Dolbeau
April 09, 2015
Tweet
Share
More Decks by Olivier Dolbeau
See All by Olivier Dolbeau
Throw new \Exception(); Oui, mais laquelle ?
odolbeau
1
290
Jane & Webby
odolbeau
0
470
Translating a monolingual application
odolbeau
2
670
DX: Developer eXperience
odolbeau
1
120
DX: Developer eXperience
odolbeau
1
570
EasyAdminBundle introduction
odolbeau
0
210
REX API Platform
odolbeau
0
1.4k
Features flags at BlaBlaCar
odolbeau
5
1.2k
25+ million members in 22 countries, how to scale with Symfony2
odolbeau
2
650
Other Decks in Programming
See All in Programming
atmaCup #23でAIコーディングを活用した話
ml_bear
4
740
Geminiの機能を調べ尽くしてみた
naruyoshimi
0
200
AI主導でFastAPIのWebサービスを作るときに 人間が構造化すべき境界線
okajun35
0
550
nuget-server - あなたが必要だったNuGetサーバー
kekyo
PRO
0
170
コーディングルールの鮮度を保ちたい / keep-fresh-go-internal-conventions
handlename
0
150
AIとペアプロして処理時間を97%削減した話 #pyconshizu
kashewnuts
1
200
PJのドキュメントを全部Git管理にしたら、一番喜んだのはAIだった
nanaism
0
230
TROCCOで実現するkintone+BigQueryによるオペレーション改善
ssxota
0
130
grapheme_strrev関数が採択されました(あと雑感)
youkidearitai
PRO
1
210
今、アーキテクトとして 品質保証にどう関わるか
nealle
0
200
Raku Raku Notion 20260128
hareyakayuruyaka
0
430
maplibre-gl-layers - 地図に移動体たくさん表示したい
kekyo
PRO
0
180
Featured
See All Featured
Discover your Explorer Soul
emna__ayadi
2
1.1k
Building Flexible Design Systems
yeseniaperezcruz
330
40k
Balancing Empowerment & Direction
lara
5
930
How Software Deployment tools have changed in the past 20 years
geshan
0
32k
Exploring anti-patterns in Rails
aemeredith
2
280
Neural Spatial Audio Processing for Sound Field Analysis and Control
skoyamalab
0
200
Optimising Largest Contentful Paint
csswizardry
37
3.6k
A Soul's Torment
seathinner
5
2.4k
Design in an AI World
tapps
0
160
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
aleyda
1
1.1k
Building AI with AI
inesmontani
PRO
1
760
How STYLIGHT went responsive
nonsquared
100
6k
Transcript
LOGS HUNTING 1
WHO AM I? Olivier Dolbeau @odolbeau Work at BlaBlaCar 2
THIS IS AN ELK 3
4
5
6
Inputs Filters Outputs 41 inputs • syslog • udp •
varnishlog • gelf • … 50 filters • date • geoip • i18n • urldecode • … 55 outputs • elasticsearch • redis • email • graphite • … And there are also some codecs 7
Kibana 8
9
10
Which logs are we talking about? 11
12 Access Logs Population: High Difficulty: Easy Weapon
13 Application logs Population: Medium / Low Difficulty: Medium Weapon
Monolog <3
syslog 14 Syslog Population: Medium Difficulty: Easy Weapon RSYSLOG
*.* @127.0.0.1:514;RSYSLOG_ForwardFormat 15
input { udp { port => 514 type => syslog
} } Logstash - Input 16
filter { if [type] == "syslog" { grok { match
=> [ "message", "<%{POSINT:syslog_pri}>% {TIMESTAMP_ISO8601:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} % {DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: % {GREEDYDATA:syslog_message}" ] add_field => [ "received_at", "%{@timestamp}" ] add_field => [ "received_from", "%{host}" ] add_tag => [ "rsyslog" ] } } } Logstash - Filter 17
output { elasticsearch_http { host => “my_es.blablacar.com” port => 9200
index => "logstashv1-%{+YYYY.MM.dd}" manage_template => false } } Logstash - Output 18
19
syslog 20
21
@odolbeau 22 On recrute ! https://speakerdeck.com/odolbeau/logs-hunting
odolbeau
ml_bear
naruyoshimi
okajun35
kekyo
handlename
kashewnuts
nanaism
ssxota
youkidearitai
nealle
hareyakayuruyaka
emna__ayadi
yeseniaperezcruz
lara
geshan
aemeredith
skoyamalab
csswizardry
seathinner
tapps
aleyda
inesmontani
nonsquared
![filter { if [type] == "syslog" { grok { match](https://files.speakerdeck.com/presentations/830b3cc35cc64bd58e9df1ac9a3aa6fa/slide_16.jpg){kind=link}
