ANALYZE THIS:
ML AND LOGGING FOR MONITORING MICROSERVICES
skb rides the rocket
kernel: xen_netfront: xennet: skb rides the rocket: 19 slots
Daniel Berman
• Product Evangelist @logzio
• LAMPer, Docker, ELK
• Speaker/Blogger (SitePoint, DZone)
• Meetup organizer: TLV-PHP, TLV-ELK
• Contact me: @proudboffin | daniel@logz.io
1-min on Logz.io
• Log analysis company
• ELK-as-a-Service
• Enterprise grade: auto-everything, security, multi-tenant
• Additional features: ELK Apps, S3 archiving, AI
Agenda
• Logs + logging background
• The challenges
• Centralized logging with ELK
• Using machine learning
• Demo
• Q & A
WHAT ARE LOGS?
• Online user behavior
• IoT analytics
• Dev, monitoring & system troubleshooting
• Security and compliance
LOG ANALYTICS IS FUNDAMENTAL FOR UNDERSTANDING MACHINES
• Security devices
• App server
• Network
LOG ANALYTICS FOR MICROSERVICES
• Service logs
10/01/17 00:53:51 INFO apollo i.l.c.b.c.b.MappedPageFactory: Page file /tmp/logzio-logback-buffer/listener-metrics/logzio-logback-appender/data/page-48.dat was just deleted.
• Service metrics
10/01/17 02:53:51 INFO apollo a.b.c.metrics: Account-Incoming, key: 126, value: 54321
• Host logs/metrics
• Execution runtime logs
THE CHALLENGES WITH LOGGING MICROSERVICES
• Transient
• Distributed
• Independent
• Multilayered
LOGGING IN A DOCKERIZED WORLD
$ docker logs
2016-06-02T13:05:22.614090Z 0 [Note] InnoDB: 5.7.12 started; log sequence number 2522067
$ docker stats
CONTAINER      CPU %   MEM USAGE / LIMIT   MEM %   NET I/O               BLOCK I/O
3747bd397456   0.01%   3.641 MB / 2.1 GB   0.17%   3.366 kB / 648 B      0 B / 0 B
396e42ba0d15   0.11%   1.638 MB / 2.1 GB   0.08%   9.79 kB / 648 B       348.2 kB / 0 B
468bf755240a   3.19%   45.67 MB / 2.1 GB   2.17%   25.19 MB / 17.95 MB   774.1 kB / 0 B
5f16814a3c0e   0.01%   495.6 kB / 2.1 GB   0.02%   8.564 kB / 648 B      0 B / 0 B
74cdfa7b8a0c   0.04%   3.908 MB / 2.1 GB   0.19%   2.028 kB / 648 B      0 B / 0 B
99bafb7600fc   0.00%   32.95 MB / 2.1 GB   1.57%   0 B / 0 B             2.093 MB / 20.48 kB
$ docker daemon
time="2016-06-05T12:03:49.716900785Z" level=debug msg="received containerd event: &types.Event{Type:"exit", Id:"3747bd397456cd28058bb40799cd0642f431849b5c43ce56536ab7f55a98114f", Status:0x0, Pid:"4120a7625a592f7c95eab4b1b442a45370f6dd95b63d284714dbb58f00d0a20d", Timestamp:0x57541525}"
OH, AND THERE’S THIS…
• Large & complex application & operational logs
• Multiple different formats
• Multiple log files per component / instance
• Slow & labor intensive
• Error-prone processing
• Relies on an individual’s skills
• Expensive
• Hard to find what is relevant and important in log data
• Scaling and securing an open-source implementation is expensive and almost impossible to scale
CENTRALIZED LOGGING TO THE RESCUE
• Centralized data collection and management
• Provides inferable context to logs
• Analysis, event correlation and visualization
OLD SCHOOL LOGGING
$ grep ' 30[1234] ' /var/logs/apache2/access.log | grep -v baidu | grep -v Googlebot
173.230.156.8 - - [04/Sep/2015:06:10:10 +0000] "GET /morpht HTTP/1.0" 301 26 "-" "Mozilla/5.0 (pc-x86_64-linux-gnu)"
192.3.83.5 - - [04/Sep/2015:06:10:22 +0000] "GET /?q=node/add HTTP/1.0" 301 26 "http://morpht.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5"
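The grep pipeline above works on raw text, so ' 30[1234] ' also matches a "301" that happens to sit inside a user-agent string, and 'baidu' is excluded wherever it appears on the line. The structured equivalent, as an added Python example that is not from the deck or from Logz.io: it parses the Apache/nginx combined format into typed fields and then filters on the status field and the user-agent field only. The sample lines are constructed (the two from the slide plus a Googlebot hit, a plain 200 and a 200 whose agent string contains " 301 "), and the list of bot markers is an assumption.

```python
import re
from typing import Optional

# Apache/nginx "combined" log format: ip ident user [time] "request" status size "referer" "agent"
COMBINED_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) (?P<proto>[^"]+)" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Assumption: substrings that identify crawlers we do not want in the report.
BOT_MARKERS = ("baidu", "Googlebot")


def parse_line(line: str) -> Optional[dict]:
    """Turn one access-log line into a dict of typed fields; None if it does not match."""
    m = COMBINED_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["size"] = 0 if rec["size"] == "-" else int(rec["size"])
    return rec


def redirects_excluding_bots(lines):
    """Structured version of: grep ' 30[1234] ' | grep -v baidu | grep -v Googlebot.
    The status test looks only at the status field and the bot test only at the agent field."""
    out = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable lines are skipped rather than text-matched
        if rec["status"] not in (301, 302, 303, 304):
            continue
        if any(marker in rec["agent"] for marker in BOT_MARKERS):
            continue
        out.append(rec)
    return out


# Constructed sample input: the two slide lines plus three lines that show the difference.
SAMPLE_LOG = [
    '173.230.156.8 - - [04/Sep/2015:06:10:10 +0000] "GET /morpht HTTP/1.0" 301 26 "-" "Mozilla/5.0 (pc-x86_64-linux-gnu)"',
    '192.3.83.5 - - [04/Sep/2015:06:10:22 +0000] "GET /?q=node/add HTTP/1.0" 301 26 "http://morpht.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5"',
    '66.249.66.1 - - [04/Sep/2015:06:11:00 +0000] "GET /robots.txt HTTP/1.1" 302 0 "-" "Mozilla/5.0 (compatible; Googlebot/2.1)"',
    '10.0.0.7 - - [04/Sep/2015:06:11:05 +0000] "GET / HTTP/1.1" 200 1234 "-" "curl/7.47.0"',
    # status 200, but the agent contains " 301 ": the grep version would report this line
    '10.0.0.8 - - [04/Sep/2015:06:11:09 +0000] "GET /status HTTP/1.1" 200 512 "-" "Monitor/1.0 (build 301 )"',
]

if __name__ == "__main__":
    for rec in redirects_excluding_bots(SAMPLE_LOG):
        print(rec["ip"], rec["status"], rec["path"], rec["agent"])
```

Only the two slide lines come out: the Googlebot hit is dropped on its agent field, and the "Monitor/1.0 (build 301 )" line is dropped because its status field is 200, which is exactly the distinction a field-based query in Elasticsearch makes for you.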
NEW SCHOOL LOGGING
A BIT ABOUT ELK
• World’s most popular open source log analysis platform
• 4.5M downloads a month!
• Centralized logging AND: search, BI, SEO, IoT, and more
THE MARKET IS DOMINATED BY OPEN SOURCE SOLUTIONS
Over the past 3 years, the market shifted attention from proprietary to open source.
• Open Source/Flexible: fast-growing community, no vendor lock-in and no license cost
• Simple and beautiful: it’s simple to get started and play with ELK, and the UI is just beautiful
• Fast. Very fast.: blazing quick responses even when searching through millions of documents
[Figure: ELK Stack – 500,000+ companies; 15K companies]
TYPICAL ELK PIPELINE
• Log shipper
• Collecting and parsing
• Full-text search and analysis engine: scalable, fast, highly available; REST API
• Visualizations and dashboards
STEP 1 – INSTALLING ELK
https://hub.docker.com/r/sebp/elk/
elk:
  image: sebp/elk
  ports:
    - "5601:5601"
    - "9200:9200"
    - "5044:5044"
$ sudo docker-compose up elk
https://github.com/deviantony/docker-elk
STEP 2 – FORWARDING LOGS
• Logging drivers (json-file, syslog, fluentd…)
$ docker run -d --name nginx --log-driver=syslog --log-opt syslog-address=tcp://SYSLOG_IP:PORT -p 80:80 nginx:alpine
webserver:
  image: nginx:alpine
  container_name: nginx
  ports:
    - "80:80"
  logging:
    driver: syslog
    options:
      syslog-address: "tcp://SYSLOG_IP:PORT"
      syslog-tag: "nginx"
• Logspout
$ docker run --name="logspout" --volume=/var/run/docker.sock:/var/run/docker.sock gliderlabs/logspout syslog+tls://167.23.145.12:55555
• Filebeat
yourapp:
  image: your/image
  ports:
    - "80:80"
  links:
    - elk
elk:
  image: sebp/elk
  ports:
    - "5601:5601"
    - "9200:9200"
    - "5044:5044"
STEP 3 – PARSING
• Configure Logstash (input, filter, output)
filter {
  if [type] == "dockerlogs" {
    if ([message] =~ "^tat ") {
      drop {}
    }
    grok {
      break_on_match => false
      match => [ "message", " responded with %{NUMBER:status_code:int}" ]
      tag_on_failure => []
    }
  }
}
STEP 4 – SECURITY
• DO NOT expose Elasticsearch (‘network.host’)
• Use proxies
• Isolate Elasticsearch
• Change default ports
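As an added Python example (not from the deck or from Logz.io), a small check for the two exposure points this slide names that can be read off a config file: a network.host bound beyond loopback, and the default HTTP port still in use. The weak and corrected fragments are constructed; the reader handles only flat key: value lines, which is an assumption that fits these fragments but not a full elasticsearch.yml. Proxying and isolation cannot be verified from the file, so they stay in the findings text only.

```python
LOOPBACK = {"127.0.0.1", "::1", "localhost", "_local_"}
DEFAULT_HTTP_PORT = "9200"


def parse_settings(text):
    """Minimal reader for flat 'key: value' lines (assumption: no nesting, no lists).
    Enough for the fragments below; it is deliberately not a YAML parser."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line or ":" not in line:
            continue
        key, value = line.split(":", 1)          # split once so "::1" survives intact
        settings[key.strip()] = value.strip().strip("\"'")
    return settings


def audit_elasticsearch(text):
    """Report the exposure points from the slide as a list of finding strings."""
    s = parse_settings(text)
    findings = []
    # From Elasticsearch 2.x on, an unset network.host binds loopback only; 0.0.0.0,
    # _site_, _global_ or an interface address makes the REST API reachable from the network.
    host = s.get("network.host", "_local_")
    if host not in LOOPBACK:
        findings.append(
            f"network.host={host}: REST API reachable beyond localhost; bind to loopback "
            "and put an authenticating proxy in front of it")
    port = s.get("http.port", DEFAULT_HTTP_PORT)
    if port == DEFAULT_HTTP_PORT:
        findings.append(
            "http.port=9200: default port; the slide's advice is to change it, and doing so "
            "does not replace the proxy or network isolation")
    return findings


# Constructed fragments: the exposed setup beside the corrected one.
WEAK_CONFIG = """
cluster.name: demo
network.host: 0.0.0.0      # reachable from every interface
http.port: 9200
"""

HARDENED_CONFIG = """
cluster.name: demo
network.host: 127.0.0.1    # only the local reverse proxy can reach it
http.port: 19200
"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit_elasticsearch(cfg) or ["no findings"])
```

A fragment that sets nothing at all still gets the port finding, because Elasticsearch falls back to 9200 when http.port is absent; the bind-address default is loopback and is therefore not reported.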
OTHER SOLUTIONS
• Hosted ELK (Logz.io, Elastic Cloud, Sematext)
• Other logging/monitoring SaaS (Datadog, Papertrail, Loggly)
THE BIG ELEPHANT (ELK) IN THE ROOM
• Not knowing what question to ask
• Needle in the haystack syndrome
• Logs cannot be analyzed by a human alone
• Anomaly detection does not work
ANOMALY DETECTION DOESN’T WORK
• Not every anomaly is an error
• Not every error represents itself in an anomaly
• Apps run as step functions
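To make the three bullets concrete, an added Python example (not from the deck) runs a plain rolling z-score detector over constructed per-minute request counts. A scale-out that doubles traffic and keeps it there is flagged the minute it happens although nothing is broken, and an outage that turns every response into a 500 without changing the request rate is never flagged at all. The series, window size and threshold are constructed values.

```python
import statistics


def zscore_alerts(series, window=10, threshold=3.0, min_sd=1.0):
    """Flag index i when series[i] deviates from the preceding `window` points by more
    than `threshold` standard deviations (the classic threshold detector).
    `min_sd` stops a perfectly flat window from turning any change into infinite sigma."""
    alerts = []
    for i in range(window, len(series)):
        ref = series[i - window:i]
        mean = statistics.fmean(ref)
        sd = max(statistics.pstdev(ref), min_sd)
        if abs(series[i] - mean) / sd > threshold:
            alerts.append(i)
    return alerts


# Constructed per-minute request counts. Minutes 0-19: steady traffic with some jitter.
# Minute 20: a second replica comes up, traffic doubles and STAYS doubled (a step, not an error).
BASELINE = [100, 103, 97, 101, 99, 102, 98, 100, 104, 96]
STEP_SERIES = BASELINE * 2 + [200] * 15

# Constructed incident: from minute 25 every request fails with HTTP 500, but the request
# rate is unchanged, so a count-based detector has nothing to see.
SILENT_ERROR_COUNTS = BASELINE * 3
SILENT_ERROR_STATUS = [200] * 25 + [500] * 5


def failing_minutes(statuses):
    """Content-based check on the same incident: minutes whose status is a server error."""
    return [i for i, s in enumerate(statuses) if s >= 500]


if __name__ == "__main__":
    print("step change flagged at minutes:", zscore_alerts(STEP_SERIES))
    print("silent outage flagged by counts at minutes:", zscore_alerts(SILENT_ERROR_COUNTS))
    print("silent outage visible in status codes at minutes:", failing_minutes(SILENT_ERROR_STATUS))
```

The detector fires once, at the step, and then goes quiet as the window absorbs the new level; it stays quiet for the whole outage. Both failures are structural: the first is an anomaly that is not an error, the second an error that produces no anomaly in the signal being watched, which is why the deck turns to classifying log content instead.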
ENTER MACHINE LEARNING?
DEMO TIME!
WHAT IS MACHINE LEARNING?
“Machine learning is a type of artificial intelligence that provides computers with the ability to learn without being explicitly programmed.” (TechTarget)
SUPERVISED MACHINE LEARNING (BY EXAMPLE)
1. Labeling – gathering and labeling logs
• User behavior
• Inter-user similarities
• Public resources
2. Training a classifier – defining what log is important
3. Integration within the system
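The three steps in code, as an added Python example that is not the deck's or Logz.io's implementation: a handful of operator-labeled lines (step 1; constructed here, modelled on the log lines shown earlier in the deck), a multinomial naive Bayes classifier trained from scratch on them (step 2), and the filter function a pipeline would call before alerting (step 3). Real training sets are far larger, and the tokenizer keeps only letters, so numeric IDs and ports are ignored; both are design assumptions.

```python
import math
import re
from collections import Counter, defaultdict

TOKEN_RE = re.compile(r"[a-z]+")


def tokenize(line):
    """Lower-case alphabetic tokens only; numbers, hashes and ports are dropped on purpose."""
    return TOKEN_RE.findall(line.lower())


class LogClassifier:
    """Multinomial naive Bayes with add-one smoothing, written out so every step is visible."""

    def __init__(self):
        self.docs_per_label = Counter()
        self.tokens_per_label = defaultdict(Counter)
        self.vocab = set()

    def train(self, labeled_lines):
        for line, label in labeled_lines:
            self.docs_per_label[label] += 1
            for tok in tokenize(line):
                self.tokens_per_label[label][tok] += 1
                self.vocab.add(tok)

    def log_scores(self, line):
        tokens = tokenize(line)
        total_docs = sum(self.docs_per_label.values())
        scores = {}
        for label, ndocs in self.docs_per_label.items():
            counts = self.tokens_per_label[label]
            total_tokens = sum(counts.values())
            logp = math.log(ndocs / total_docs)                      # class prior
            for tok in tokens:                                        # smoothed likelihoods
                logp += math.log((counts[tok] + 1) / (total_tokens + len(self.vocab)))
            scores[label] = logp
        return scores

    def classify(self, line):
        scores = self.log_scores(line)
        return max(scores, key=scores.get)


# Step 1: constructed, operator-labeled lines. "important" = worth a human's attention.
LABELED = [
    ("kernel: xen_netfront: xennet: skb rides the rocket: 21 slots", "important"),
    ("kernel: Out of memory: Kill process 4211 (java) score 911 or sacrifice child", "important"),
    ("ERROR apollo c.z.h.HikariPool: Connection is not available, request timed out after 30000ms", "important"),
    ("ERROR listener: connection refused to elasticsearch:9200", "important"),
    ("kernel: EXT4-fs error (device sda1): ext4_find_entry: reading directory lblock 0", "important"),
    ("WARN disk: /var usage 97% above threshold", "important"),
    ("INFO apollo i.l.c.b.c.b.MappedPageFactory: Page file page-48.dat was just deleted.", "noise"),
    ("INFO apollo a.b.c.metrics: Account-Incoming, key: 126, value: 54321", "noise"),
    ("INFO nginx: 10.0.0.7 GET / 200 1234", "noise"),
    ("INFO scheduler: heartbeat ok", "noise"),
    ("DEBUG cache: entry refreshed for key 126", "noise"),
    ("INFO listener: started on port 5044", "noise"),
]


def build_classifier():
    """Step 2: train the classifier on the labeled set."""
    clf = LogClassifier()
    clf.train(LABELED)
    return clf


def filter_important(clf, lines):
    """Step 3: the hook a pipeline calls; only lines scored 'important' go on to alerting."""
    return [line for line in lines if clf.classify(line) == "important"]


if __name__ == "__main__":
    clf = build_classifier()
    incoming = [
        "kernel: xen_netfront: xennet: skb rides the rocket: 19 slots",
        "INFO apollo a.b.c.metrics: Account-Incoming, key: 127, value: 99",
        "ERROR apollo: connection refused to elasticsearch:9200",
    ]
    for line in filter_important(clf, incoming):
        print("ALERT:", line)
```

The unseen "19 slots" variant of the kernel line is scored important on the strength of its shared tokens, the metrics line is scored noise even though "apollo" also appears in an important training line, and a wrongly weighted word like that is exactly what more labels (step 1) fix; the model itself never needs to be told what "rides the rocket" means.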
‘skb rides the rocket’
kernel: xen_netfront: xennet: skb rides the rocket: 19 slots
(http://serverfault.com/questions/647489/what-is-causing-skb-rides-the-rocket-errors)
EXTRAS
• Logz.io blog: http://logz.io/blog
• Elastic docs: http://elastic.co/documentation
• Slack team: https://elk-stack-professionals-pfuiokfxqy.now.sh
• ELK meetup: https://www.meetup.com/Tel-Aviv-Yafo-ELK-ElasticSearch-Meetup/
THANKS!
@proudboffin | daniel@logz.io

Data Cloud, More than a CDP by Matt Robison
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 

Machine Learning and Logging for Monitoring Microservices

  • 13. LOGGING IN A DOCKERIZED WORLD
    $ docker stats
    CONTAINER      CPU %   MEM USAGE / LIMIT     MEM %   NET I/O               BLOCK I/O
    3747bd397456   0.01%   3.641 MB / 2.1 GB     0.17%   3.366 kB / 648 B      0 B / 0 B
    396e42ba0d15   0.11%   1.638 MB / 2.1 GB     0.08%   9.79 kB / 648 B       348.2 kB / 0 B
    468bf755240a   3.19%   45.67 MB / 2.1 GB     2.17%   25.19 MB / 17.95 MB   774.1 kB / 0 B
    5f16814a3c0e   0.01%   495.6 kB / 2.1 GB     0.02%   8.564 kB / 648 B      0 B / 0 B
    74cdfa7b8a0c   0.04%   3.908 MB / 2.1 GB     0.19%   2.028 kB / 648 B      0 B / 0 B
    99bafb7600fc   0.00%   32.95 MB / 2.1 GB     1.57%   0 B / 0 B             2.093 MB / 20.48 kB
  • 14. LOGGING IN A DOCKERIZED WORLD
    $ docker daemon
    time="2016-06-05T12:03:49.716900785Z" level=debug msg="received containerd event: &types.Event{Type:"exit", Id:"3747bd397456cd28058bb40799cd0642f431849b5c43ce56536ab7f55a98114f", Status:0x0, Pid:"4120a7625a592f7c95eab4b1b442a45370f6dd95b63d284714dbb58f00d0a20d", Timestamp:0x57541525}"
  • 15. OH, AND THERE'S THIS…
    • Large and complex application and operational logs
    • Multiple different formats
    • Multiple log files per component / instance
    • Slow, labor-intensive and error-prone processing
    • Relies on an individual's skills; expensive
    • Hard to find what is relevant and important in log data
    • Scaling and securing a self-managed open-source deployment is expensive and hard to do well
  • 16. CENTRALIZED LOGGING TO THE RESCUE
    • Centralized data collection and management
    • Provides inferable context to logs
    • Analysis, event correlation and visualization
  • 17. OLD SCHOOL LOGGING
    $ grep ' 30[1234] ' /var/log/apache2/access.log | grep -v baidu | grep -v Googlebot
    173.230.156.8 - - [04/Sep/2015:06:10:10 +0000] "GET /morpht HTTP/1.0" 301 26 "-" "Mozilla/5.0 (pc-x86_64-linux-gnu)"
    192.3.83.5 - - [04/Sep/2015:06:10:22 +0000] "GET /?q=node/add HTTP/1.0" 301 26 "http://morpht.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5"
  • 19. A BIT ABOUT ELK
    • World's most popular open source log analysis platform
    • 4.5M downloads a month!
    • Centralized logging AND: search, BI, SEO, IoT, and more
  • 20. THE MARKET IS DOMINATED BY OPEN SOURCE SOLUTIONS
    Over the past 3 years, the market shifted attention from proprietary to open source.
    • Simple and beautiful: it's simple to get started and play with ELK, and the UI is just beautiful
    • Open source / flexible: fast-growing community, no vendor lock-in and no license cost
    • Fast. Very fast: blazing quick responses even when searching through millions of documents
    (chart: ELK Stack, 500,000+ companies; 15K companies)
  • 21. TYPICAL ELK PIPELINE
    • Log shipper (Beats)
    • Collecting and parsing (Logstash)
    • Full-text search and analysis engine (Elasticsearch): scalable, fast, highly available, REST API
    • Visualizations and dashboards (Kibana)
  • 22. STEP 1 – INSTALLING ELK
    https://hub.docker.com/r/sebp/elk/
    https://github.com/deviantony/docker-elk

    elk:
      image: sebp/elk
      ports:
        - "5601:5601"
        - "9200:9200"
        - "5044:5044"

    $ sudo docker-compose up elk
  • 23. STEP 2 – FORWARDING LOGS
    • Logging drivers (json-file, syslog, fluentd…)

    $ docker run -d --name nginx --log-driver=syslog --log-opt syslog-address=tcp://SYSLOG_IP:PORT -p 80:80 nginx:alpine

    webserver:
      image: nginx:alpine
      container_name: nginx
      ports:
        - "80:80"
      logging:
        driver: syslog
        options:
          syslog-address: "tcp://SYSLOG_IP:PORT"
          syslog-tag: "nginx"
  • 24. STEP 2 – FORWARDING LOGS
    • Logspout

    $ docker run --name="logspout" --volume=/var/run/docker.sock:/var/run/docker.sock gliderlabs/logspout syslog+tls://167.23.145.12:55555
  • 25. STEP 2 – FORWARDING LOGS
    • Filebeat

    yourapp:
      image: your/image
      ports:
        - "80:80"
      links:
        - elk
    elk:
      image: sebp/elk
      ports:
        - "5601:5601"
        - "9200:9200"
        - "5044:5044"
  • 26. STEP 3 – PARSING
    • Configure Logstash (input, filter, output)

    filter {
      if [type] == "dockerlogs" {
        if ([message] =~ "^tat ") {
          drop {}
        }
        grok {
          break_on_match => false
          match => [ "message", " responded with %{NUMBER:status_code:int}" ]
          tag_on_failure => []
        }
      }
    }
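The grep pipeline on slide 17 and the grok filter on this slide do the same job in two ways: pull a status code out of a log line and act on it. The block below is an added example, not code from the talk. It parses combined-format Apache lines with a regex equivalent to the COMBINEDAPACHELOG pattern Logstash ships, then redoes the redirect query on the parsed status field. The first two sample lines are the ones printed on slide 17; the others are constructed to show what the raw grep gets wrong: a " 302 " inside a user-agent string matches the grep but is a 200 once parsed, and a line that is not an access-log line at all is reported as a parse failure (what Logstash would tag _grokparsefailure) instead of passing through unnoticed. Function and field names are my own.

```python
import re
from typing import Iterable, List, Optional

# Regex equivalent of the grok pattern Logstash ships as COMBINEDAPACHELOG
# (simplified: the request line is split into verb / path / HTTP version).
COMBINED_APACHE = re.compile(
    r'^(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<timestamp>[^\]]+)\] '
    r'"(?P<verb>[A-Z]+) (?P<request>\S+)(?: HTTP/(?P<httpversion>[\d.]+))?" '
    r'(?P<status>\d{3}) (?P<bytes>\d+|-) "(?P<referrer>[^"]*)" "(?P<agent>[^"]*)"$'
)
# What the slide's `grep ' 30[1234] '` actually tests: a substring of the raw line.
GREP_STATUS = re.compile(r" 30[1234] ")

# Sample input. Lines 1-2 are the ones printed on slide 17; the rest are
# constructed for this example.
SAMPLE_LINES = [
    '173.230.156.8 - - [04/Sep/2015:06:10:10 +0000] "GET /morpht HTTP/1.0" 301 26 '
    '"-" "Mozilla/5.0 (pc-x86_64-linux-gnu)"',
    '192.3.83.5 - - [04/Sep/2015:06:10:22 +0000] "GET /?q=node/add HTTP/1.0" 301 26 '
    '"http://morpht.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) '
    'AppleWebKit/600.2.5 (KHTML, like Gecko) Version/8.0.2 Safari/600.2.5"',
    # constructed: crawler redirects, the ones the slide removes with grep -v
    '66.249.66.1 - - [04/Sep/2015:06:11:03 +0000] "GET /robots.txt HTTP/1.1" 301 26 '
    '"-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"',
    '180.76.15.5 - - [04/Sep/2015:06:11:20 +0000] "GET / HTTP/1.1" 302 0 '
    '"-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)"',
    # constructed: an ordinary 200
    '10.0.0.5 - - [04/Sep/2015:06:11:30 +0000] "GET /index.html HTTP/1.1" 200 5120 "-" "curl/7.47.0"',
    # constructed: status 200, but " 302 " appears inside the user agent
    '10.0.0.6 - - [04/Sep/2015:06:11:41 +0000] "GET /a HTTP/1.1" 200 33 "-" "scanner 302 build"',
    # from slide 12: not an access-log line at all
    '2016-06-02T13:05:22.614090Z 0 [Note] InnoDB: 5.7.12 started; log sequence number 2522067',
]


def parse_line(line: str) -> Optional[dict]:
    """Fields of one combined-format access-log line, or None when the line
    does not match (Logstash would tag the event _grokparsefailure)."""
    m = COMBINED_APACHE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])                       # %{NUMBER:status:int}
    rec["bytes"] = 0 if rec["bytes"] == "-" else int(rec["bytes"])
    return rec


def grep_style(lines: Iterable[str]) -> List[str]:
    """The slide's shell pipeline, as Python: substring tests on the raw line."""
    return [l for l in lines
            if GREP_STATUS.search(l) and "baidu" not in l and "Googlebot" not in l]


def redirects_excluding_bots(lines: Iterable[str],
                             bots: Iterable[str] = ("baidu", "googlebot")) -> List[dict]:
    """Same query on parsed fields: the status test only sees the status field
    and the crawler test only sees the user agent (case-insensitive, a small
    generalization of the slide's grep -v)."""
    needles = tuple(b.lower() for b in bots)
    hits: List[dict] = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue                      # in production, count these separately
        if not 301 <= rec["status"] <= 304:
            continue
        if any(n in rec["agent"].lower() for n in needles):
            continue
        hits.append(rec)
    return hits


if __name__ == "__main__":
    print("grep matches:", len(grep_style(SAMPLE_LINES)))      # 3, one of them wrong
    for r in redirects_excluding_bots(SAMPLE_LINES):            # the two real redirects
        print(r["client"], r["status"], r["request"])
```

The grep version returns three lines for this input, the parsed version two; the difference is the constructed scanner line, which the grep accepts because " 302 " occurs in its user agent. The same reasoning is why the grok filter on the slide extracts status_code into its own integer field instead of matching on the whole message.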
  • 27. STEP 4 – SECURITY
    • DO NOT expose Elasticsearch: bind network.host to localhost or a private address
    • Use proxies
    • Isolate Elasticsearch
    • Change default ports
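The compose file on slide 22 publishes 5601, 9200 and 5044 as plain "host:container" mappings, which Docker binds on 0.0.0.0. Published ports are reached through NAT rules that Docker inserts itself, so host firewall rules written against the INPUT chain (ufw-style) do not cover them, and a conservative network.host inside the container does not help once the port is published on the host. The block below is an added example, not code from the talk: it audits the published ports in a compose file and compares the slide's configuration with a constructed hardened one that publishes nothing for Elasticsearch (other containers reach it over the compose network) and binds Kibana to 127.0.0.1 for the reverse proxy that speaker note 17 recommends. The port-line parser is a deliberate simplification for the short "ip:host:container" syntax, not a YAML parser; the severity table and the hardened file are my own.

```python
import re
from typing import Dict, List

# ELK container ports and what publishing them on a public interface means.
# Elasticsearch and Kibana have no authentication in this setup, so 9200/9300/5601
# must stay off public interfaces; 5044 has to accept remote shippers and is only
# flagged for review (restrict source addresses, use TLS on the Beats input).
ELK_PORTS = {
    9200: ("Elasticsearch HTTP", "high"),
    9300: ("Elasticsearch transport", "high"),
    5601: ("Kibana", "high"),
    5044: ("Logstash Beats input", "review"),
}

KEY_LINE = re.compile(r"^(?P<indent>\s*)(?P<key>[A-Za-z0-9_.-]+):\s*$")
KV_LINE = re.compile(r"^(?P<indent>\s*)[A-Za-z0-9_.-]+:\s+\S")
# Short port syntax "[ip:]host:container[/proto]" with optional quotes.
# Assumption: only this form is handled; the long mapping syntax is not.
PORT_LINE = re.compile(
    r'^(?P<indent>\s*)-\s*["\']?(?:(?P<ip>[\d.]+|\[[0-9A-Fa-f:]+\]):)?'
    r'(?P<host>\d+):(?P<container>\d+)(?:/(?:tcp|udp))?["\']?\s*$'
)
PUBLIC_BINDS = (None, "0.0.0.0", "[::]")


def audit_published_ports(compose_text: str) -> List[Dict[str, object]]:
    """Walk a compose file line by line and report every published port with
    the service it belongs to, the host address it binds and a severity."""
    findings: List[Dict[str, object]] = []
    stack: List[tuple] = []        # (indent, key) of the enclosing mapping keys
    ports_indent = None            # indent of the `ports:` key we are inside, if any
    for raw in compose_text.splitlines():
        line = re.sub(r"\s+#.*$", "", raw)           # drop trailing comments
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        km = KEY_LINE.match(line)
        if km:
            indent = len(km.group("indent"))
            while stack and stack[-1][0] >= indent:
                stack.pop()
            stack.append((indent, km.group("key")))
            ports_indent = indent if km.group("key") == "ports" else None
            continue
        kv = KV_LINE.match(line)
        if kv and ports_indent is not None and len(kv.group("indent")) <= ports_indent:
            ports_indent = None                      # left the ports: list
            continue
        pm = PORT_LINE.match(line)
        if not pm or ports_indent is None or len(pm.group("indent")) < ports_indent:
            continue
        service = stack[-2][1] if len(stack) >= 2 else "?"
        ip = pm.group("ip")
        cport = int(pm.group("container"))
        component, severity = ELK_PORTS.get(cport, ("other", "info"))
        findings.append({
            "service": service,
            "component": component,
            "host_ip": ip or "0.0.0.0",              # Docker's default bind address
            "host_port": int(pm.group("host")),
            "container_port": cport,
            "severity": severity if ip in PUBLIC_BINDS else "ok",
        })
    return findings


# The compose fragment from slide 22: everything published on every interface.
SLIDE_COMPOSE = """\
elk:
  image: sebp/elk
  ports:
    - "5601:5601"
    - "9200:9200"
    - "5044:5044"
"""

# Constructed hardened variant: Elasticsearch is not published at all (other
# containers reach it as elk:9200 on the compose network), Kibana is bound to
# loopback behind a reverse proxy that adds authentication, and the Beats port
# stays public because shippers on other hosts need it.
HARDENED_COMPOSE = """\
elk:
  image: sebp/elk
  ports:
    - "127.0.0.1:5601:5601"   # reverse proxy on this host fronts Kibana
    - "5044:5044"             # restrict sources at the firewall, TLS on the input
"""


def high_severity_ports(compose_text: str) -> List[int]:
    return sorted(f["container_port"] for f in audit_published_ports(compose_text)
                  if f["severity"] == "high")


if __name__ == "__main__":
    for name, text in (("slide", SLIDE_COMPOSE), ("hardened", HARDENED_COMPOSE)):
        for f in audit_published_ports(text):
            print(name, f["service"], f["component"], f["host_ip"],
                  f["container_port"], f["severity"])
```

Run against the slide's file the audit reports 9200 and 5601 as high; against the hardened file it reports nothing above "review". The same check applied to the Filebeat compose on slide 25 gives the same two findings, since it publishes the same ports. Changing the default ports (the last bullet on the slide) is worth doing, but it does not replace binding and proxying: a port scan finds a moved Elasticsearch in seconds.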
  • 29. OTHER SOLUTIONS
    • Hosted ELK (Logz.io, Elastic Cloud, Sematext)
    • Other logging/monitoring SaaS (Datadog, Papertrail, Loggly)
  • 30. THE BIG ELEPHANT (ELK) IN THE ROOM
    • Not knowing what question to ask
    • Needle in the haystack syndrome
    • Logs cannot be analyzed by a human alone
    • Anomaly detection does not work
  • 31. ANOMALY DETECTION DOESN'T WORK
    • Not every anomaly is an error
    • Not every error shows up as an anomaly
    • Apps run as step functions
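A small experiment makes the three bullets (and speaker note 20) concrete. Added here, not from the talk: a rolling z-score detector, the textbook anomaly detector for a continuous signal, run over two constructed per-minute series. In the first, a deploy at minute 20 adds a log line to a hot path, so volume steps from about 100 to about 200 and stays there: the detector fires for a change that is not an error, then accepts the new level as normal. In the second, a service leaks about 1 MB per minute: every point is close to its recent history, so the detector never fires on a real problem. The series, window and threshold are my own choices.

```python
import statistics
from typing import List


def jitter(i: int) -> int:
    """Deterministic -1/0/+1 noise so the series are not perfectly flat."""
    return (i % 3) - 1


# Constructed series, one value per minute (not data from the talk).
# STEP: log lines per minute; a deploy at minute 20 adds an INFO line on a hot
# path, so volume jumps from ~100 to ~200 and stays there (a step function).
STEP_SERIES: List[float] = [(100 if i < 20 else 200) + jitter(i) for i in range(40)]
# LEAK: resident memory in MB of a service leaking ~1 MB every minute.
LEAK_SERIES: List[float] = [100 + i + jitter(i) for i in range(40)]


def zscore_alerts(series: List[float], window: int = 10, threshold: float = 3.0) -> List[int]:
    """Return the indices whose value lies more than `threshold` standard
    deviations from the mean of the preceding `window` values."""
    alerts: List[int] = []
    for i in range(window, len(series)):
        ref = series[i - window:i]
        mean = statistics.mean(ref)
        sd = statistics.pstdev(ref)
        deviation = abs(series[i] - mean)
        if sd == 0.0:
            anomalous = deviation > 0       # flat history: any change stands out
        else:
            anomalous = deviation / sd > threshold
        if anomalous:
            alerts.append(i)
    return alerts


def describe(series: List[float], name: str) -> str:
    alerts = zscore_alerts(series)
    return f"{name}: alerts at minutes {alerts}" if alerts else f"{name}: no alerts"


if __name__ == "__main__":
    # STEP fires at minute 20 (the deploy, not an error) and then treats the new
    # level as normal; LEAK never fires although memory grows by 40 MB.
    print(describe(STEP_SERIES, "log volume after a deploy"))
    print(describe(LEAK_SERIES, "memory with a slow leak"))
```

The leak is invisible to the detector because each minute's value is within about two standard deviations of a window that is itself drifting; a threshold low enough to catch it would fire on the jitter constantly. That is the trade-off the slide summarizes as "anomaly detection doesn't work": on a step function it reports the step, and on a slow drift it reports nothing.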
  • 34. WHAT IS MACHINE LEARNING?
    "Machine learning is a type of artificial intelligence that provides computers with the ability to learn without being explicitly programmed." (TechTarget)
  • 35. SUPERVISED MACHINE LEARNING (BY EXAMPLE)
    1. Labeling – gathering and labeling logs
       • User behavior
       • Inter-user similarities
       • Public resources
    2. Training a classifier – defining what log is important
    3. Integration within the system
  • 36. 'skb rides the rocket'
    kernel: xen_netfront: xennet: skb rides the rocket: 19 slots
    (http://serverfault.com/questions/647489/what-is-causing-skb-rides-the-rocket-errors)
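The procedure on slide 35 and in speaker note 22 (label examples, train a classifier, surface a line when the formula's result passes a threshold) can be shown end to end with a multinomial naive Bayes model. That is one common choice for the "formula" and not necessarily the one used at Logz.io; the block below is an added example, not code from the talk. It trains on a constructed labelled set that mixes lines from these slides (the xen_netfront message as relevant, the MappedPageFactory and metrics lines as noise) with a few made-up ones, scores unseen lines as log-odds, and flags those above the threshold. Tokenization drops digits and one-letter tokens so that page-48.dat and page-49.dat look the same to the model.

```python
import math
import re
from collections import Counter
from typing import Iterable, List, Set, Tuple

# Word tokens of two or more letters; digits, paths and punctuation are dropped
# so that "page-48.dat" and "page-49.dat" produce the same tokens.
TOKEN = re.compile(r"[a-z_]{2,}")


def tokenize(line: str) -> List[str]:
    return TOKEN.findall(line.lower())


class LogClassifier:
    """Multinomial naive Bayes with Laplace smoothing. score() is the log-odds
    that a line is relevant (label 1) rather than noise (label 0); the operator
    sees everything above the threshold."""

    def __init__(self) -> None:
        self.counts = {0: Counter(), 1: Counter()}   # token counts per label
        self.totals = {0: 0, 1: 0}                   # tokens per label
        self.docs = {0: 0, 1: 0}                     # lines per label
        self.vocab: Set[str] = set()

    def fit(self, examples: Iterable[Tuple[str, int]]) -> "LogClassifier":
        for line, label in examples:
            toks = tokenize(line)
            self.counts[label].update(toks)
            self.totals[label] += len(toks)
            self.docs[label] += 1
            self.vocab.update(toks)
        return self

    def _log_p(self, token: str, label: int) -> float:
        # (count + 1) / (total + |V|): unseen tokens get a small, equal weight
        return math.log((self.counts[label][token] + 1) /
                        (self.totals[label] + len(self.vocab)))

    def score(self, line: str) -> float:
        prior = math.log(self.docs[1] / self.docs[0])
        return prior + sum(self._log_p(t, 1) - self._log_p(t, 0) for t in tokenize(line))

    def is_relevant(self, line: str, threshold: float = 0.0) -> bool:
        return self.score(line) > threshold


# Constructed labelled set. Label 1 = a line the operator opened or acted on,
# label 0 = noise. Some lines are taken from the slides, the rest are made up.
LABELED = [
    ("kernel: xen_netfront: xennet: skb rides the rocket: 19 slots", 1),     # slide 36
    ("kernel: eth0: transmit queue 0 timed out", 1),
    ("ERROR apollo listener: connection refused to elasticsearch:9200", 1),
    ("java.lang.OutOfMemoryError: Java heap space", 1),
    ("WARN disk usage 97% on /var/lib/docker", 1),
    ("INFO apollo i.l.c.b.c.b.MappedPageFactory: Page file page-48.dat was just deleted.", 0),  # slide 9
    ("INFO apollo a.b.c.metrics: Account-Incoming, key: 126, value: 54321", 0),                # slide 9
    ("INFO nginx GET /healthz 200", 0),
    ("[Note] InnoDB: 5.7.12 started; log sequence number 2522067", 0),                          # slide 12
    ("level=debug msg=received containerd event exit", 0),
]


def build_classifier() -> LogClassifier:
    return LogClassifier().fit(LABELED)


if __name__ == "__main__":
    clf = build_classifier()
    for line in ("kernel: xen_netfront: xennet: skb rides the rocket: 21 slots",
                 "INFO apollo i.l.c.b.c.b.MappedPageFactory: Page file page-49.dat was just deleted.",
                 "ERROR apollo a.b.c.Listener: connection refused to elasticsearch:9200"):
        flag = "RELEVANT" if clf.is_relevant(line) else "noise"
        print(f"{clf.score(line):+6.2f} {flag:8} {line}")
```

With ten training lines the model is a toy, but the mechanics are the ones the note describes: the labels turn into per-token weights, a new line is summed into one number, and the threshold decides what reaches a human. Raising the threshold trades recall for fewer pages; the skb line scores around +6 here, so a threshold of 10 would hide it.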
  • 38. EXTRAS
    • Logz.io blog: http://logz.io/blog
    • Elastic docs: http://elastic.co/documentation
    • Slack team: https://elk-stack-professionals-pfuiokfxqy.now.sh
    • ELK meetup: https://www.meetup.com/Tel-Aviv-Yafo-ELK-ElasticSearch-Meetup/

Editor's Notes

  1. Syslog message, the result of packet loss, due to a kernel bug in Linux.
  2. Syslog message, the result of packet loss, due to a kernel bug in Linux.
  3. Logs are a stream of aggregated, time-ordered events collected from the output streams of running processes and backing services
  4. Does anyone not use logs? You need them when running builds (to identify compile errors), when running a system (to troubleshoot it), and to learn about the behavior of your system. So anyone creating, deploying or running software needs logs!
  5. Service logs: service_id, request_id (for tracing across the architecture), type, timestamp. Metric collection: to measure improvements and new code. Resource utilization (CPU, memory, network, filesystem). Runtime metrics (Jenkins build times).
  6. Metric collection: to measure improvements and new code. Resource utilization (CPU, memory, network, filesystem). Runtime metrics (Jenkins build times).
  7. Microservices are stateless. That means that an instance of a service can be created, stopped, restarted, and destroyed at any time without impacting other services. Any logging functionality we implement can’t rely on the service persisting for any period of time. Microservices are independent. With microservices, only the execution environment is aware of the context. Kubernetes is aware of pods for example but not the hosting machine. Microservices are distributed. You’ll likely find yourself logging related data from two completely independent platforms. To log effectively, we need a way to correlate events across the infrastructure.
  8. Let’s take the Docker execution environment for example. You have three different types of logs and metrics that can be extracted.
  9. Multiply all of this: at Logz.io, for example, we're running about 60 Docker hosts, each with 4-5 containers…
  10. In modern environments, log analysis remains an extremely complicated and resource-consuming task for even the most experienced developer, DevOps or IT operations teams out there, despite all the sophisticated analytics and monitoring tools. That is because, at the end of the day, behind these tools stands a human being who needs to connect the dots and make informed, timely decisions; they need to know how to extract signals and actionable meaning out of millions of log messages.
  11. In essence, centralized logging detaches logging from the containers running your microservices. Using parsing and filtering, you can give your logs context. By structuring logs and providing a comfortable UI, it enables easier analysis.
  12. All three services are started automatically. The image persists /var/lib/elasticsearch (the directory Elasticsearch stores its data in) as a volume.
  13. Install a log forwarder to send to Logstash – this depends on the Docker driver used.
  14. Logspout is a log router for Docker containers that runs inside Docker. It attaches to all containers on a host, then routes their logs wherever you want. It also has an extensible module system. Logspout is a very small Docker container (15.2MB virtual)
  15. Install a log forwarder to send to Logstash; this depends on the Docker driver used. The container's log file on the host is shown by:
      docker inspect afaac897ab50 | grep LogPath
  16. Each Docker image has its own logging format, so these filters will be very specific.
  17. Bind the nodes to localhost or a private IP. Use proxies to communicate with clients, to add user control and request filtering; put one in front of Kibana.
  19. False alarms and a low signal-to-noise ratio.
  20. Not every anomaly is an error: a developer introducing a new log line, changes in access usage, seasonality changes. Not every error shows up as an anomaly: resource utilization, a memory leak. Applications run as step functions, while anomaly detection works on continuous functions.
  21. Enables you to train a self-improving system that asks the questions for us. It can sift through vast amounts of data and flag relevant events.
  22. Supervised machine learning is based on the idea of learning by example. Labeling: gathering and labeling logs, colouring the data in different colours (opened/unopened, error logs, exception logs). Training a classifier: defining what log is important. Simply put, a classifier is a formula that you build in order to answer a question. Using the labels, we build a mathematical representation of a log message, which in turn is inserted into the formula; if the result passes a specific threshold, the log is relevant. Integration within the system: using Hadoop and Spark.
  23. As IT operations become agile and dynamic, they are also getting immensely complex. Two main challenges in logging microservices: logging in a distributed architecture, and finding the needle in the haystack. Proposed solutions: centralized logging, and a machine learning approach that turns manual Dev, DevOps and IT operations work into an automated process and poses the questions for you, revealing events that would otherwise go undetected.