Production logs can help ensure application security, reveal business insights and find and understand errors, crashes, and exceptions. But as useful as logs are, they’re difficult to manage and hard to keep track of. Making matters worse is that as log data volume grows, so does the difficult task of maintaining and managing them. It’s for this reason that developers, DevOps engineers, and CTOs turn to log management tools.
Central storage is vitally important in log management. Just as storing and processing logs into lumber is done in one place, a sawmill, a central repository makes it cheaper and more efficient to process event logs in one location. Moving between multiple locations to process logs can decrease performance. To continue the analogy, once boards are cut at a sawmill, a tool such as a wood jointer smoothes out the rough edges of the boards and readies them for use in making beautiful things.
We are happy to inform our users that a new Docker logging plugin is available on the Docker Store! Using this plugin, users can easily ship container logs directly to Logz.io, and enjoy the following benefits.
Today we are releasing Graylog v2.4.5 to fix a few bugs. We have also fixed an Elasticsearch credentials issue found by Defence Logic Limited - thanks for finding this and responsibly disclosing it.
Splunk helps IT operations (ITOps) teams simultaneously reduce their mean time to resolution (MTTR) and drive collaboration. To better understand Splunk, let’s take a closer look at the software platform, how it works and its benefits.
Let me preface this article with a quick customer story. I was recently talking with the director of operations of a G2000 company and he asked in a nice, but pointed way: “All I want is a SaaS software solution to manage my applications. Why does the architecture of the software matter?”. At Sumo Logic, we couldn’t agree and disagree more.
We’ve all been there — you’re on-call, fast asleep at 3 AM when suddenly, in comes the alerts–in overdrive. Your system is notifying you of some sort of abnormal behavior, but with all the alerts and data coming through, its difficult to figure out what your system is trying to tell you. Is there potential malicious behavior? Did someone write faulty code? Is it an important issue or can it wait? Is it nothing at all?
Logs contain some of the most valuable data available to developers, DevOps practitioners, Site Reliability Engineers (SREs) and security teams, particularly when troubleshooting an incident. It’s not always easy to extract and use, though. One common challenge is that many log entries are blobs of unstructured text, making it difficult to extract the relevant information when you need it.
Elasticsearch comes with good out-of-the-box Garbage Collection settings. So good in fact that the Definitive Guide recommends not changing them. While we agree that most use-cases wouldn’t benefit from GC tuning, especially when it turns out there simply isn’t enough heap, there are exceptions. We found that G1 GC, for example, works well on big heaps. This allows you to have less, bigger nodes, which in turn means less network traffic in a large cluster.
What the Beats family of log shippers are to Logstash, so Fluent Bit is to Fluentd — a lightweight log collector, that can be installed as an agent on edge servers in a logging architecture, shipping to a selection of output destinations.
