| 1 |
On Fri, Oct 31, 2014 at 9:03 PM, Alec Ten Harmsel |
| 2 |
<alec@××××××××××××××.com> wrote: |
| 3 |
> |
| 4 |
> You guys should check out the ELK stack: |
| 5 |
> http://www.elasticsearch.org/overview/ |
| 6 |
> |
| 7 |
> Basically, transform logs to JSON with logstash, throw the JSON into |
| 8 |
> elastic search, and make plots with Kibana. We use it at work; it's |
| 9 |
> absolutely fantastic. |
| 10 |
> |
| 11 |
|
| 12 |
Hmm, as far as I can tell they don't actually have a parser for |
| 13 |
journal logs yet. With systemd the logs are already available in |
| 14 |
JSON, though I imagine it would be trivial to transform that to a |
| 15 |
different-looking JSON if necessary. |
| 16 |
|
| 17 |
I think it just reflects the fact that everybody is playing catch-up. |
| 18 |
Despite originating at Red Hat I suspect that the vast majority of |
| 19 |
those running systemd right now are the sorts of folks who don't run |
| 20 |
enterprise log monitoring suites. So, the pressure just isn't there |
| 21 |
yet to get all that stuff built. |
| 22 |
|
| 23 |
-- |
| 24 |
Rich |
Archives