Dr Nic Williams
VP Developer Evangelism
@drnic
drnicwilliams.com
Slide 2
Slide 2 text
Open Source
Logging?
Slide 3
Slide 3 text
Logstash
Slide 4
Slide 4 text
Kibana
Slide 5
Slide 5 text
From Servers to Search
Slide 6
Slide 6 text
Logstash
Kibana
Slide 7
Slide 7 text
Logs &
Events
sys
Slide 8
Slide 8 text
Store &
Search
Slide 9
Slide 9 text
Locate &
Display
Slide 10
Slide 10 text
Why use Ruby?
• Author’s preferred language at
the time
• Originally in PHP; rewritten in Ruby
• Sinatra framework
• Closer integration with Logstash
Slide 11
Slide 11 text
Why use JRuby?
• Actual threads, better CPU usage
• Debugging - jvisualvm, jstack
• Single executable - including
ElasticSearch
• Some better libraries - Joda Time
Slide 12
Slide 12 text
Performance
“Many users report 20k events/sec
on a single m1.xlarge”
Slide 13
Slide 13 text
Data per day
• 20k events per second (say 500b each)
• 10Kb per second
• 864Mb per day
• Splunk is $2000/year for 500Mb per day,
plus hosting costs
Slide 14
Slide 14 text
10-min walk thru
• Go to logstash.net (DOT NET, OH NO!)
• Click “docs”
• Click “10-minute walkthrough”
Slide 15
Slide 15 text
Live
better
• Use great tools
• Live better with your apps
• Find many more great tools
with JRuby/Ruby