When Monolog meet ELK

talk given during sfPot Paris

Olivier Dolbeau

July 15, 2014

Transcript

  1. When Monolog meet ELK

  2. Me: Olivier Dolbeau, @odolbeau, Web Architect

  3. Monolog

  4. Handlers
    • StreamHandler
    • ErrorLogHandler
    • SwiftMailerHandler
    • SyslogUdpHandler
    • FirePHPHandler
    • FingersCrossedHandler
    • NullHandler
    • … more than 36 handlers!

  5. Channels: Just a name for your logger. http://symfony.com/doc/current/cookbook/logging/channels_handlers.html

  6. None
  7. Processors

  8. None
  9. PSR-3 dude!

  10. PSR-3 dude! Context Context Context

  11. What can I do with that?
    • Different handlers for different usage
      ◦ FirePHP for web
      ◦ Console for cli
    • Processor per handler
    • Processor per channel
    http://symfony.com/doc/current/cookbook/logging/channels_handlers.html
  12. None
  13. A few things you can do
    • All my cli logs are displayed in console
    • I use FirePHP for web
    • Publication logs are very important. I want to receive an email if an exception occurred.
    • I have a processor dedicated to workers. I can directly see which message raises an error.
    • I have a processor dedicated to web (you saw it)
    • ...
  14. None
  15. None
  16. SSH?

  17. None
  18. I found some IPs!

  19. I found the criticality!

  20. Maybe it’s the one I want?

  21. None
  22. E L K

  23.
    • real time data
    • distributed
    • multi-tenancy
    • document oriented
    • schema free
    • per operation persistence
    • real time analytics
    • high availability
    • full text search
    • conflict management
    • RESTful API
    • built on top of Apache Lucene
  24. Logstash: It’s all about logs!
    • Inputs (41)
    • Filters (50)
    • Outputs (55)
  25. Input example

  26. Filter example

  27. Output example

  28. Kibana

  29. Not bad right? :D

  30. None
  31. How to: send logs with Monolog to ELK?

  32. Gelf

  33. None
  34. Logstash input for gelf

  35. Demo

  36. Conclusion
    • Use Monolog (easy!)
    • Use ELK
    • Use monolog context
    • Create dashboards
    • Enjoy!
  37. None