| 1 |
On Sat, Nov 1, 2014 at 5:47 AM, Rich Freeman <rich0@g.o> wrote: |
| 2 |
> On Fri, Oct 31, 2014 at 9:03 PM, Alec Ten Harmsel |
| 3 |
> <alec@××××××××××××××.com> wrote: |
| 4 |
>> |
| 5 |
>> You guys should check out the ELK stack: |
| 6 |
>> http://www.elasticsearch.org/overview/ |
| 7 |
>> |
| 8 |
>> Basically, transform logs to JSON with logstash, throw the JSON into |
| 9 |
>> elastic search, and make plots with Kibana. We use it at work; it's |
| 10 |
>> absolutely fantastic. |
| 11 |
> |
| 12 |
> Hmm, as far as I can tell they don't actually have a parser for |
| 13 |
> journal logs yet. With systemd the logs are already available in |
| 14 |
> JSON, though I imagine it would be trivial to transform that to a |
| 15 |
> different-looking JSON if necessary. |
| 16 |
> |
| 17 |
> I think it just reflects the fact that everybody is playing catch-up. |
| 18 |
> Despite originating at Red Hat I suspect that the vast majority of |
| 19 |
> those running systemd right now are the sorts of folks who don't run |
| 20 |
> enterprise log monitoring suites. So, the pressure just isn't there |
| 21 |
> yet to get all that stuff built. |
| 22 |
|
| 23 |
I suspect that "full" journald adoption and tweaking will come from |
| 24 |
small(er), more nimble, less conservative organizations. We'll be |
| 25 |
rolling out RHEL7 next year and we'll have "Storage=volatile"; we've |
| 26 |
asked former colleagues at other banks and they've said that they're |
| 27 |
planning the same. |
Archives