No one listens to my podcast
a Kibana story
Matt Overstreet | opensourceconnections.com
Things I Have:
• A Podcast
• Some Logs
• Kibana
Let’s do this!
Put them all in a folder
$ ls -l
drwxr-xr-x@ 12 matt staff 408B Apr 24 13:07 elasticsearch
drwxr-xr-x@ 16 matt staff 544B Apr 17 12:04 kibana
drwxr-xr-x 4672 matt staff 155K Apr 24 14:19 logs
drwxr-xr-x@ 20 matt staff 680B Apr 24 22:55 logstash
Start Elasticsearch
cd elasticsearch/
bin/elasticsearch
Start Kibana
cd kibana
bin/kibana
It Works!
Let’s look at the data
time_micros | c_ip | c_ip_type | c_ip_region | cs_method | cs_uri | sc_status | cs_bytes | sc_bytes | time_taken_micros | cs_host | cs_referer | cs_user_agent | s_request_id | cs_operation | cs_bucket | cs_object
1488343917672486 | 173.66.45.75 | 1 | | GET | search-discomagic-bullet.mp3 | 206 | 0 | 2 | 225000 | storage.googleapis.com | | AppleCoreMedia/1.0.0.14D27 (iPhone; U; CPU OS 1021 like Mac OS X; enus) | AEnB2UqwrMFQZw537yrbZHZ823C8Z0RjigtSwcunEQloBUpX3noZow1KxBB0LTWt_bDeuBoQm9ex9dIaQhQZE2A1xtjujaRRA | GET_Object | search-disco | magic-bullet.mp3
1488343978304277 | 173.66.45.75 | 1 | | GET | search-discosolr-6-release.mp3 | 206 | 0 | 2 | 313000 | storage.googleapis.com | | itunesstored1.0 iOS/10.2.1 modeliPhone5,1 hwp/s5l8950x build/14D27 (6; dt:79) | AEnB2UoemzANLH64amvUXetx4Kj8jyHIOPzDesr0XOTI4ziC8Rf06dmbVcDpHu4h8zgMgLYVUHeggsv0PeT6vnsNmVKM5iVvdA | GET_Object | search-disco | solr-6-release.mp3
1488344010045421 | 173.66.45.75 | 1 | | GET | search-discofacets-and-search-ui.mp3 | 200 | 0 | 65202388 | 30813000 | storage.googleapis.com | | AppleCoreMedia/1.0.0.14D27 (iPhone; U; CPU OS 1021 like Mac OS X; en_us) | AEnB2UqmhUom_JGo2yWqGpS-f8PhjUTLsF7fmlt4gEbDQovE-JxchtEeZInvW7DJ8tiVpQyTC0qESLjq1SpJm7f8V2cLrKs6dA | GET_Object | search-disco | facets-and-search-ui.mp3
1488344052519416 | 173.66.45.75 | 1 | | GET | search-discosolr-6-release.mp3 | 206 | 0 | 2 | 112000 | storage.googleapis.com | | AppleCoreMedia/1.0.0.14D27 (iPhone; U; CPU OS 1021 like Mac OS X; en_us) | AEnB2UpOEjiiFkbPSpFkimlQUKb_POvFr85oceSWfZrKiWUsCMkuqeWlABVzQAkFK6t0Mixl1RtA0BJXhEczxleLv5Z6pgTw | GET_Object | search-disco | solr-6-release.mp3
Let's build a Logstash config!
input {
  file {
    path => "/Users/matt/Documents/code/podcast/logs/search_disco_usage*v0"
  }
}
filter {
  csv {
    columns => ["time_micros","c_ip","c_ip_type","c_ip_region","cs_method",
                "cs_uri","sc_status","cs_bytes","sc_bytes","time_taken_micros",
                "cs_host","cs_referer","cs_user_agent","s_request_id",
                "cs_operation","cs_bucket","cs_object"]
    separator => ","
  }
}
output {
  elasticsearch {
    hosts => "localhost"
    index => "logstash-sd"
  }
}
Input
input {
  file {
    path => "/Users/matt/Documents/code/podcast/logs/search_disco_usage*v0"
  }
}
Filter
filter {
  csv {
    columns => ["time_micros","c_ip","c_ip_type","c_ip_region","cs_method",
                "cs_uri","sc_status","cs_bytes","sc_bytes","time_taken_micros",
                "cs_host","cs_referer","cs_user_agent","s_request_id",
                "cs_operation","cs_bucket","cs_object"]
    separator => ","
  }
}
Output
output {
  elasticsearch {
    hosts => "localhost"
    index => "logstash-sd"
  }
}
Timestamps
We need to specify a timestamp for Kibana, but we have a problem!
Our time data is in microseconds!?
time_microseconds 1488343917672486
Logstash doesn't handle microseconds
No problem, add ruby
filter {
  # prepare our time series data
  ruby {
    code => "event.set('time_micros', event.get('time_micros').to_i / 1000)"
  }
  # use it as a timestamp
  date {
    match => [ "time_micros", "UNIX_MS" ]
  }
}
Stash some logs!
cd logstash
bin/logstash -f config/seachdisco.conf
Back to Kibana
Create a Visualization
Add a Sub-bucket
Improvements
What if Someone Digs Into the Back Catalog?
Let's build a better Y-axis
filter {
  mutate {
    add_field => {
      'request_id' => "%{c_ip}-%{cs_object}"
    }
  }
}
Add a Map
filter {
  geoip {
    source => "c_ip"
    target => "geoip"
  }
}
Doing more with plugins
Parsing user agents
filter {
  useragent {
    source => 'cs_user_agent'
    target => 'user_agent'
  }
}
Anonymizing IPs
Install a plugin
$ bin/logstash-plugin install logstash-filter-anonymize
Add a filter
filter {
  anonymize {
    fields => ['request_id']
    key => 'arbitrary'
  }
  mutate {
    remove_field => [ 'c_ip' ]
  }
}
Final Filter Block & Thanks
filter {
  csv {
    columns => ["time_micros","c_ip","c_ip_type","c_ip_region","cs_method","cs_uri","sc_status","cs_bytes","sc_bytes",
                "time_taken_micros","cs_host","cs_referer","cs_user_agent","s_request_id","cs_operation","cs_bucket","cs_object"]
    separator => ","
  }
  # ignore API calls to upload/manipulate data
  if [cs_user_agent] =~ "google-api-python-client" {
    drop {}
  }
  ruby {
    # convert microseconds to milliseconds so the date filter can parse the value
    code => "event.set('time_micros', event.get('time_micros').to_i / 1000)"
  }
  # use the converted value as the event timestamp
  date {
    match => [ "time_micros", "UNIX_MS" ]
  }
  # one id per listener and episode, built before c_ip is removed
  mutate {
    add_field => {
      'request_id' => "%{c_ip}-%{cs_object}"
    }
  }
  geoip {
    source => "c_ip"
    target => "geoip"
  }
  useragent {
    source => 'cs_user_agent'
    target => 'user_agent'
  }
  # hash request_id with a key, then drop the raw client address
  anonymize {
    fields => ['request_id']
    key => 'arbitrary'
  }
  mutate {
    remove_field => [ 'c_ip' ]
  }
}
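Hashing request_id and removing c_ip only anonymizes an event if no other field still holds the address. The Ruby sketch below is an added example, not code from the original slides: it models one event as a Hash, applies the two anonymization steps from the final filter block, and lists every field that still contains the raw IP. Assumptions: the event keeps the raw log line in `message` and the geoip target carries an `ip` subfield, the anonymize step is modelled as HMAC-SHA1, and the sample event, `RAW_IP`, the key and all function names are constructed for illustration.

```ruby
require 'openssl'

# Constructed sample address (documentation range), not taken from the slides' logs.
RAW_IP = '203.0.113.7'

# Constructed event shaped like the pipeline's output just before the anonymize
# step. Assumption: the raw CSV line survives in 'message' and the geoip lookup
# result includes the address it was given.
def sample_event
  {
    'message'    => "1488343917672486,#{RAW_IP},1,,GET,/bucket/episode.mp3,206",
    'c_ip'       => RAW_IP,
    'cs_object'  => 'episode.mp3',
    'request_id' => "#{RAW_IP}-episode.mp3",
    'geoip'      => { 'ip' => RAW_IP, 'country_code2' => 'US' },
    'user_agent' => { 'name' => 'Mobile Safari', 'os' => 'iOS' }
  }
end

# Stand-in for the anonymize filter: replace each listed field with a keyed
# HMAC (SHA1 assumed) so equal inputs still group together in a dashboard.
def anonymize(event, fields, key)
  fields.each do |f|
    next unless event.key?(f)
    event[f] = OpenSSL::HMAC.hexdigest('SHA1', key, event[f].to_s)
  end
  event
end

# Stand-in for mutate/remove_field; each path is an array of keys so nested
# fields such as geoip.ip can be addressed.
def remove_fields(event, paths)
  paths.each do |path|
    *parents, leaf = path
    holder = parents.empty? ? event : event.dig(*parents)
    holder.delete(leaf) if holder.is_a?(Hash)
  end
  event
end

# Walk the whole event, nested hashes and arrays included, and return the
# dotted path of every field whose value still contains the raw address.
def leaking_fields(value, needle, path = [])
  case value
  when Hash
    value.flat_map { |k, v| leaking_fields(v, needle, path + [k]) }
  when Array
    value.each_with_index.flat_map { |v, i| leaking_fields(v, needle, path + [i.to_s]) }
  else
    value.to_s.include?(needle) ? [path.join('.')] : []
  end
end

# The last two steps of the final filter block: hash request_id, drop c_ip.
def slides_anonymization(event, key)
  remove_fields(anonymize(event, ['request_id'], key), [['c_ip']])
end

# Same steps, plus removal of the other copies of the address.
def hardened_anonymization(event, key)
  remove_fields(slides_anonymization(event, key), [['message'], ['geoip', 'ip']])
end

if __FILE__ == $PROGRAM_NAME
  # Read the HMAC key from the environment rather than hard-coding it.
  key = ENV.fetch('ANON_KEY', 'constructed-demo-key')
  before = leaking_fields(slides_anonymization(sample_event, key), RAW_IP)
  after  = leaking_fields(hardened_anonymization(sample_event, key), RAW_IP)
  puts "fields still holding the IP after the slides' steps: #{before.inspect}"
  puts "fields still holding the IP after extra removal:     #{after.inspect}"
end
```

If a check like this finds the address in your own events, the matching pipeline change is to list those fields, for example `message` and `[geoip][ip]`, next to `c_ip` in `remove_field`.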
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 

No one listens to my podcast (a kibana story)

  • 1. No one listens to my podcast: a Kibana story. Matt Overstreet | opensourceconnections.com
  • 2. Things I Have:
      • A Podcast
      • Some Logs
      • Kibana
  • 3. Let’s do this!
  • 4. Put them all in a folder
        $ ls -l
        drwxr-xr-x@   12 matt staff 408B Apr 24 13:07 elasticsearch
        drwxr-xr-x@   16 matt staff 544B Apr 17 12:04 kibana
        drwxr-xr-x  4672 matt staff 155K Apr 24 14:19 logs
        drwxr-xr-x@   20 matt staff 680B Apr 24 22:55 logstash
  • 5. Start Elasticsearch
        cd elasticsearch/
        bin/elasticsearch
  • 6. Start Kibana
        cd kibana/
        bin/kibana
  • 7. It Works!
  • 8. Let’s look at the data
        time_micros | c_ip | c_ip_type | c_ip_region | cs_method | cs_uri | sc_status | cs_bytes | sc_bytes | time_taken_micros | cs_host | cs_referer | cs_user_agent | s_request_id | cs_operation | cs_bucket | cs_object
        1488343917672486 | 173.66.45.75 | 1 | | GET | search-discomagic-bullet.mp3 | 206 | 0 | 2 | 225000 | storage.googleapis.com | | AppleCoreMedia/1.0.0.14D27 (iPhone; U; CPU OS 1021 like Mac OS X; enus) | AEnB2UqwrMFQZw537yrbZHZ823C8Z0RjigtSwcunEQloBUpX3noZow1KxBB0LTWt_bDeuBoQm9ex9dIaQhQZE2A1xtjujaRRA | GET_Object | search-disco | magic-bullet.mp3
        1488343978304277 | 173.66.45.75 | 1 | | GET | search-discosolr-6-release.mp3 | 206 | 0 | 2 | 313000 | storage.googleapis.com | | itunesstored1.0 iOS/10.2.1 modeliPhone5,1 hwp/s5l8950x build/14D27 (6; dt:79) | AEnB2UoemzANLH64amvUXetx4Kj8jyHIOPzDesr0XOTI4ziC8Rf06dmbVcDpHu4h8zgMgLYVUHeggsv0PeT6vnsNmVKM5iVvdA | GET_Object | search-disco | solr-6-release.mp3
        1488344010045421 | 173.66.45.75 | 1 | | GET | search-discofacets-and-search-ui.mp3 | 200 | 0 | 65202388 | 30813000 | storage.googleapis.com | | AppleCoreMedia/1.0.0.14D27 (iPhone; U; CPU OS 1021 like Mac OS X; en_us) | AEnB2UqmhUom_JGo2yWqGpS-f8PhjUTLsF7fmlt4gEbDQovE-JxchtEeZInvW7DJ8tiVpQyTC0qESLjq1SpJm7f8V2cLrKs6dA | GET_Object | search-disco | facets-and-search-ui.mp3
        1488344052519416 | 173.66.45.75 | 1 | | GET | search-discosolr-6-release.mp3 | 206 | 0 | 2 | 112000 | storage.googleapis.com | | AppleCoreMedia/1.0.0.14D27 (iPhone; U; CPU OS 1021 like Mac OS X; en_us) | AEnB2UpOEjiiFkbPSpFkimlQUKb_POvFr85oceSWfZrKiWUsCMkuqeWlABVzQAkFK6t0Mixl1RtA0BJXhEczxleLv5Z6pgTw | GET_Object | search-disco | solr-6-release.mp3
  • 9. Let's build a Logstash config!
        input {
          file {
            path => "/Users/matt/Documents/code/podcast/logs/search_disco_usage*v0"
          }
        }
        filter {
          csv {
            columns => ["time_micros","c_ip","c_ip_type","c_ip_region","cs_method",
                        "cs_uri","sc_status","cs_bytes","sc_bytes","time_taken_micros",
                        "cs_host","cs_referer","cs_user_agent","s_request_id",
                        "cs_operation","cs_bucket","cs_object"]
            separator => ","
          }
        }
        output {
          elasticsearch {
            hosts => "localhost"
            index => "logstash-sd"
          }
        }
  • 10. Input
        input {
          file {
            path => "/Users/matt/Documents/code/podcast/logs/search_disco_usage*v0"
          }
        }
  • 11. Filter
        filter {
          csv {
            columns => ["time_micros","c_ip","c_ip_type","c_ip_region","cs_method",
                        "cs_uri","sc_status","cs_bytes","sc_bytes","time_taken_micros",
                        "cs_host","cs_referer","cs_user_agent","s_request_id",
                        "cs_operation","cs_bucket","cs_object"]
            separator => ","
          }
        }
  • 12. Output
        output {
          elasticsearch {
            hosts => "localhost"
            index => "logstash-sd"
          }
        }
  • 13. Timestamps
        We need to specify a timestamp for Kibana, but we have a problem! Our time data is in Microseconds!?
        time_microseconds
        1488343917672486
  • 14. Logstash doesn't handle microseconds
  • 15. No problem, add ruby
        filter {
          # prepare our time series data
          ruby {
            code => "event.set('time_micros', event.get('time_micros').to_i / 1000)"
          }
          # use it as a timestamp
          date {
            match => [ "time_micros", "UNIX_MS" ]
          }
        }
  • 16. Stash some logs!
        cd logstash
        bin/logstash -f config/seachdisco.conf
  • 17. Back to Kibana
  • 19. Create a Visualization
  • 20. Add a Sub-bucket
  • 21. Improvements
  • 22. What if Someone Digs Into the Back Catalog? Let's build a better Y-axis
        filter {
          mutate {
            add_field => { 'request_id' => "%{c_ip}-%{cs_object}" }
          }
        }
  • 24. Add a Map
        filter {
          geoip {
            source => "c_ip"
            target => "geoip"
          }
        }
  • 25. Doing more with plugins
  • 26. Parsing user agents
        filter {
          useragent {
            source => 'cs_user_agent'
            target => 'user_agent'
          }
        }
  • 27. Anonymizing IPs
        Install a plugin
        $ bin/logstash-plugin install logstash-filter-anonymize
        Add a filter
        filter {
          anonymize {
            fields => ['request_id']
            key => 'arbitrary'
          }
          mutate {
            remove_field => [ 'c_ip' ]
          }
        }
  • 28. Final Filter Block & Thanks
        filter {
          csv {
            columns => ["time_micros","c_ip","c_ip_type","c_ip_region","cs_method","cs_uri","sc_status","cs_bytes","sc_bytes",
                        "time_taken_micros","cs_host","cs_referer","cs_user_agent","s_request_id","cs_operation","cs_bucket","cs_object"]
            separator => ","
          }
          # ignore API calls to upload/manipulate data
          if [cs_user_agent] =~ "google-api-python-client" {
            drop {}
          }
          ruby {
            # do some calculation
            code => "event.set('time_micros', event.get('time_micros').to_i / 1000)"
          }
          date {
            match => [ "time_micros", "UNIX_MS" ]
          }
          mutate {
            add_field => { 'request_id' => "%{c_ip}-%{cs_object}" }
          }
          geoip {
            source => "c_ip"
            target => "geoip"
          }
          useragent {
            source => 'cs_user_agent'
            target => 'user_agent'
          }
          anonymize {
            fields => ['request_id']
            key => 'arbitrary'
          }
          mutate {
            remove_field => [ 'c_ip' ]
          }
        }
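The final filter block above, mirrored step by step in plain Ruby on one constructed log line. This is an added example, not the presenter's code: it runs the microsecond conversion and the keyed `request_id`, then lists which fields still hold the client IP after `c_ip` is removed. Assumptions: the helpers `process` and `fields_leaking` and the sample line are hypothetical, the anonymize filter is modelled as HMAC-SHA1, the raw line stays in `message` as the file input and csv filter leave it, and the geoip and useragent steps are omitted because they need external databases.

```ruby
require 'csv'
require 'openssl'
require 'time'

COLUMNS = %w[time_micros c_ip c_ip_type c_ip_region cs_method cs_uri sc_status
             cs_bytes sc_bytes time_taken_micros cs_host cs_referer cs_user_agent
             s_request_id cs_operation cs_bucket cs_object].freeze

# Constructed sample line: documentation IP (TEST-NET-3) and placeholder request id.
SAMPLE = '"1488343917672486","203.0.113.7","1","","GET","/search-disco/magic-bullet.mp3",' \
         '"206","0","2","225000","storage.googleapis.com","","AppleCoreMedia/1.0.0.14D27",' \
         '"REQ-ID-PLACEHOLDER","GET_Object","search-disco","magic-bullet.mp3"'

# Mirrors the final filter block; returns nil for events the pipeline drops.
def process(line, key)
  event = { 'message' => line }                          # raw line is kept in 'message'
  event.merge!(COLUMNS.zip(CSV.parse_line(line)).to_h)   # csv filter
  return nil if event['cs_user_agent'].to_s.include?('google-api-python-client')

  ms = event['time_micros'].to_i / 1000                  # ruby filter: micros -> millis
  event['time_micros'] = ms
  event['@timestamp'] = Time.at(ms / 1000, ms % 1000, :millisecond).utc.iso8601(3)
  request_id = "#{event['c_ip']}-#{event['cs_object']}"  # mutate add_field
  # anonymize filter, assumed here to be HMAC-SHA1 keyed with `key`
  event['request_id'] = OpenSSL::HMAC.hexdigest(OpenSSL::Digest.new('SHA1'), key, request_id)
  event.delete('c_ip')                                   # mutate remove_field
  event
end

# Names of the fields whose value still contains the raw client IP.
def fields_leaking(event, ip)
  event.select { |_, value| value.to_s.include?(ip) }.keys
end

event = process(SAMPLE, 'arbitrary')
puts event['@timestamp']
puts event['request_id']
puts "fields still holding the IP: #{fields_leaking(event, '203.0.113.7').inspect}"
```

On this input the only field still carrying the address is `message`, so a `remove_field` for `message` belongs next to the one for `c_ip` when the goal is to keep raw IPs out of the index. The pseudonym is only as strong as the HMAC key, so a guessable value such as `'arbitrary'` lets anyone who knows it recompute the hash for every IPv4 address and episode name.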