From: Alec Ten Harmsel <alec@alectenharmsel.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] alternative kernels
Date: Sat, 01 Nov 2014 11:50:44 -0400 [thread overview]
Message-ID: <54550154.4080408@alectenharmsel.com> (raw)
In-Reply-To: <CAGfcS_=yPXuLgU1DzkyiJRZqEc8_AfY-OJoohiO47JKbmgbjTQ@mail.gmail.com>
On 11/01/2014 05:47 AM, Rich Freeman wrote:
> On Fri, Oct 31, 2014 at 9:03 PM, Alec Ten Harmsel
> <alec@alectenharmsel.com> wrote:
>> You guys should check out the ELK stack:
>> http://www.elasticsearch.org/overview/
>>
>> Basically, transform logs to JSON with logstash, throw the JSON into
>> elastic search, and make plots with Kibana. We use it at work; it's
>> absolutely fantastic.
>>
> Hmm, as far as I can tell they don't actually have a parser for
> journal logs yet. With systemd the logs are already available in
> JSON, though I imagine it would be trivial to transform that to a
> different-looking JSON if necessary.
I should have been clearer; logstash is for transforming normal text
logs into JSON. With the systemd-journal logs already being JSON, I'm
sure they could be put straight into elastic search.
>
> I think it just reflects the fact that everybody is playing catch-up.
> Despite originating at Red Hat I suspect that the vast majority of
> those running systemd right now are the sorts of folks who don't run
> enterprise log monitoring suites. So, the pressure just isn't there
> yet to get all that stuff built.
Agreed. RHEL7 is brand new, I'm sure most people are still running RHEL
6.x and don't have systemd quite yet.
That said, I'm sure plenty of shops already have an ELK stack or some
other log aggregation in place and adding journal logs will not be too
difficult.
Alec
next prev parent reply other threads:[~2014-11-01 15:50 UTC|newest]
Thread overview: 63+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-26 19:09 [gentoo-user] alternative kernels Alexander Kapshuk
2014-10-26 19:23 ` Canek Peláez Valdés
2014-10-26 19:40 ` Alexander Kapshuk
2014-10-26 20:20 ` Rich Freeman
2014-10-26 20:45 ` Canek Peláez Valdés
2014-10-26 20:33 ` Giuseppe Pappalardo
2014-10-26 19:41 ` Canek Peláez Valdés
2014-10-26 19:43 ` Canek Peláez Valdés
2014-10-26 20:56 ` Giuseppe Pappalardo
2014-10-26 19:47 ` Volker Armin Hemmann
2014-10-26 19:52 ` Alexander Kapshuk
2014-10-26 19:56 ` Alec Ten Harmsel
2014-10-26 20:16 ` Canek Peláez Valdés
2014-10-26 20:21 ` Alexander Kapshuk
2014-10-26 20:42 ` Alan McKinnon
2014-10-26 20:48 ` Alexander Kapshuk
2014-10-26 20:46 ` Canek Peláez Valdés
2014-10-26 20:49 ` Alexander Kapshuk
2014-10-26 21:01 ` Volker Armin Hemmann
2014-10-26 21:16 ` Canek Peláez Valdés
2014-10-26 23:18 ` Volker Armin Hemmann
2014-10-26 23:41 ` Canek Peláez Valdés
2014-10-27 1:12 ` wabenbau
2014-10-27 1:35 ` Alec Ten Harmsel
2014-10-27 1:54 ` wabenbau
2014-10-29 19:08 ` Matti Nykyri
2014-10-26 21:34 ` Rich Freeman
2014-10-26 21:10 ` Alec Ten Harmsel
2014-10-26 21:23 ` Canek Peláez Valdés
2014-10-26 21:48 ` Alan McKinnon
2014-10-26 23:25 ` Volker Armin Hemmann
2014-10-30 7:56 ` J. Roeleveld
2014-10-30 10:31 ` Rich Freeman
2014-10-31 6:30 ` J. Roeleveld
2014-10-31 6:37 ` Canek Peláez Valdés
2014-10-31 7:11 ` J. Roeleveld
2014-10-31 8:22 ` Canek Peláez Valdés
2014-10-31 9:42 ` Gregory Woodbury
2014-10-31 11:05 ` Tanstaafl
2014-10-31 14:09 ` J. Roeleveld
2014-10-31 16:16 ` Peter Humphrey
2014-10-31 17:24 ` Volker Armin Hemmann
2014-10-31 17:53 ` Rich Freeman
2014-10-31 20:26 ` Neil Bothwick
2014-11-01 11:19 ` Peter Humphrey
2014-11-01 15:38 ` Neil Bothwick
2014-11-01 17:19 ` Peter Humphrey
2014-11-01 22:28 ` Neil Bothwick
2014-11-02 13:14 ` Volker Armin Hemmann
2014-11-02 15:28 ` Neil Bothwick
2014-11-03 2:09 ` Tom H
2014-11-03 8:36 ` Neil Bothwick
2014-11-02 23:05 ` Tom H
2014-11-03 0:46 ` Peter Humphrey
2014-11-03 2:26 ` Tom H
2014-10-31 22:09 ` Tom H
2014-10-31 22:30 ` Rich Freeman
2014-11-01 1:03 ` Alec Ten Harmsel
2014-11-01 9:47 ` Rich Freeman
2014-11-01 15:50 ` Alec Ten Harmsel [this message]
2014-11-03 1:54 ` Tom H
2014-11-03 1:40 ` Tom H
2014-11-03 0:22 ` Tom H
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54550154.4080408@alectenharmsel.com \
--to=alec@alectenharmsel.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox