Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Monitor PostgreSQL with the Elastic Stack

Philipp Krenn
July 05, 2017
Programming
1
4.2k

Monitor PostgreSQL with the Elastic Stack

How to use the Elastic Stack (previously called ELK Stack) to monitor logs is widely known. But it can also give you a complete picture of your PostgreSQL installation:
* System metrics: Keep track of network traffic and system load.
* Logs: Collect and parse PostgreSQL logs.
* PostgreSQL metrics: Gather the most relevant attributes with the dedicated Metricbeat module.
* Queries: Monitor your queries on the wire without instrumenting PostgreSQL with Packetbeat.

And we will do all of that live since it is so easy and much more interactive that way.

Philipp Krenn

July 05, 2017
Tweet

More Decks by Philipp Krenn

See All by Philipp Krenn
Full-Text Search Explained
xeraa
11
2k
360° Monitoring of Your Microservices
xeraa
7
3.3k
Scale Your Metrics with Elasticsearch
xeraa
4
130
YAML Considered Harmful
xeraa
0
2k
Scale Your Elasticsearch Cluster
xeraa
1
280
Hands-On ModSecurity and Logging
xeraa
2
140
Centralized Logging Patterns
xeraa
1
970
Dashboards for Your Management with Kibana Canvas
xeraa
1
450
Make Your Data FABulous
xeraa
3
810

Other Decks in Programming

See All in Programming
LLM生成文章の精度評価自動化とプロンプトチューニングの効率化について
layerx
PRO
2
170
cXML という電子商取引の トランザクションを支える プロトコルと向きあっている話
phigasui
3
2.3k
Ethereum_.pdf
nekomatu
0
370
C++でシェーダを書く
fadis
6
3.9k
GCCのプラグインを作る / I Made a GCC Plugin
shouth
1
160
推し活としてのrails new/oshikatsu_ha_iizo
sakahukamaki
3
2k
外部システム連携先が10を超えるシステムでのアーキテクチャ設計・実装事例
kiwasaki
1
280
Hotwire or React? ~アフタートーク・本編に含めなかった話~ / Hotwire or React? after talk
harunatsujita
1
110
AI時代におけるSRE、
あるいはエンジニアの生存戦略
pyama86
4
980
約9000個の自動テストの 時間を50分->10分に短縮 Flakyテストを1%以下に抑えた話
hatsu38
24
12k
Generative AI Use Cases JP (略称:GenU)奮闘記
hideg
0
190
開発効率向上のためのリファクタリングの一歩目の選択肢 ~コード分割~ / JJUG CCC 2024 Fall
ryounasso
0
420

Featured

See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
109
49k
Raft: Consensus for Rubyists
vanstee
136
6.6k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.1k
Building Flexible Design Systems
yeseniaperezcruz
327
38k
Code Reviewing Like a Champion
maltzj
520
39k
A Philosophy of Restraint
colly
203
16k
No one is an island. Learnings from fostering a developers community.
thoeni
19
3k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
What's in a price? How to price your products and services
michaelherold
243
12k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
48k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k

Transcript

  1. Monitor PostgreSQL with the Stack Philipp Krenn@xeraa 1

  2. Infrastructure | Developer Advocate 2

  3. Disclaimer This is not a training https://www.elastic.co/training 3

  4. Who Is Using Elasticsearch Logstash and Kibana Beats 4

  5. 5

  6. You Know, for Search 6

  7. 7

  8. 8

  9. ELK Stack 9

  10. 10

  11. 11

  12. 12

  13. 13

  14. Elastic Stack 14

  15. 15

  16. 16

  17. 17

  18. Starting Point https://github.com/xeraa/postgresql-monitoring 18

  19. USB Sticks 19

  20. Box Vagrant Ansible Provisioner 20

  21. Credentials vagrant & vagrant 21

  22. SSH $ ssh [email protected] -p 2222 -o PreferredAuthentications=password Windows: http://www.putty.org

    22

  23. Ansible $ cd /elastic-stack/ $ ls 23

  24. 24

  25. REST $ curl -XGET -u "elastic:changeme" http://localhost:9200/ 25

  26. 26

  27. Login http://localhost:5601 elastic & changeme 27

  28. 28

  29. Filebeat 29

  30. Filebeat Modules 30

  31. System Dashboards 31

  32. 32

  33. PostgreSQL Logs /var/log/postgresql/*.log 33

  34. /etc/filebeat/filebeat.yml filebeat.prospectors: - input_type: log paths: - /var/log/postgresql/*.log document_type: postgresql

    34

  35. Kibana Discover Limit Kibana view to the postgresql _type 35

  36. 36

  37. 37

  38. /etc/logstash/conf.d/00-beats-input.conf input { beats { port => 5044 } }

    38

  39. /etc/logstash/conf.d/10-postgresql- filter.conf filter { } 39

  40. /etc/logstash/conf.d/20-elasticsearch- output.conf output { elasticsearch { hosts => ["localhost:9200"] manage_template

    => false index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}" document_type => "%{[@metadata][type]}" user => "elastic" password => "changeme" } } 40

  41. Grok Patterns https://github.com/logstash-plugins/logstash-patterns- core/blob/master/patterns/grok-patterns 41

  42. Building Patterns https://grokdebug.herokuapp.com Part of Kibana 5.5+ 42

  43. 43

  44. /etc/logstash/conf.d/10-postgresql- filter.conf filter { if [type] == "postgresql" { grok

    { match => { "message" => "%{DATESTAMP:timestamp} %{TZ} (\[%{DATA:group_id}\]) (\[?%{DATA:user}\]?@\[?%{DATA:database}\]? )?%{DATA:level}: %{GREEDYDATA:msg}" } } } } 44

  45. Logstash Restart $ sudo service logstash restart 45

  46. /etc/filebeat/filebeat.yml #filebeat.modules: #- module: system 46

  47. Filebeat System Module in Logstash https://www.elastic.co/guide/en/logstash/current/ filebeat-modules.html 47

  48. /etc/filebeat/filebeat.yml output.logstash: hosts: ["localhost:5044"] username: "elastic" password: "changeme" 48

  49. /etc/filebeat/filebeat.yml #output.elasticsearch: # hosts: ["localhost:9200"] # username: "elastic" # password:

    "changeme" 49

  50. Filebeat Restart $ sudo service filebeat restart 50

  51. Debug Logstash $ less /var/log/logstash/logstash-plain.log 51

  52. Test $ /opt/sqlsmith/sqlsmith --verbose --target="host=localhost port=5432 dbname=test user=test password=test" 52

  53. Multiline Logs 53

  54. /etc/filebeat/filebeat.yml filebeat.prospectors: - input_type: log paths: - /var/log/postgresql/*.log document_type: postgresql

    multiline.pattern: '^[[:space:]]' multiline.negate: false multiline.match: after 54

  55. Filebeat Restart $ sudo service filebeat restart 55

  56. Test $ /opt/sqlsmith/sqlsmith --verbose --target="host=localhost port=5432 dbname=test user=test password=test" 56

  57. Visualize level of log events Refresh the index template 57

  58. 58

  59. Metricbeat 59

  60. Metricbeat System 60

  61. Metricbeat Service 61

  62. /etc/metricbeat/metricbeat.yml - module: postgresql metricsets: - database - bgwriter -

    activity enabled: true period: 10s hosts: ["postgres://localhost:5432?sslmode=disable"] username: elastic password: changeme 62

  63. Metricbeat Restart $ sudo service metricbeat restart 63

  64. Test $ /opt/sqlsmith/sqlsmith --verbose --target="host=localhost port=5432 dbname=test user=test password=test" 64

  65. 65

  66. Visual Builder postgresql.database.rows.* 66

  67. 67

  68. Packetbeat 68

  69. Protocols 69

  70. Flows Application layer: Unsupported / encrypted (TLS) protocols IP /

    TCP / UDP Number of packets & bytes Retransmissions Temporal flow 70

  71. /etc/packetbeat/packetbeat.yml packetbeat.protocols.pgsql: ports: [5432] 71

  72. Packetbeat Restart $ sudo service packetbeat restart 72

  73. Test $ /opt/sqlsmith/sqlsmith --verbose --target="host=localhost port=5432 dbname=test user=test password=test" 73

  74. 74

  75. Heartbeat 75

  76. Heartbeat ICMP, TCP, HTTP, HTTPS 76

  77. /etc/heartbeat/heartbeat.yml heartbeat.monitors: - type: tcp hosts: ["127.0.0.1:5432"] schedule: '@every 10s'

    77

  78. Heartbeat Restart $ sudo service heartbeat restart 78

  79. Test $ sudo service postgresql stop $ sudo service postgresql

    start 79

  80. Visualize Up or down 80

  81. 81

  82. Winlogbeat 82

  83. libbeat https://github.com/elastic/beats/tree/master/generate/beat 83

  84. 84

  85. X-Pack Monitoring Graph Reporting Alerting Machine Learning 85

  86. X-Pack Basic 86

  87. Conclusion 87

  88. 88

  89. 89

  90. 90

  91. Thanks! Questions? Philipp Krenn@xeraa 91