Elasticsearch: Mining Metrics from Logs

A presentation at Stoke-On-Tech October 2018 in October 2018 in Stoke-on-Trent, UK by Jonathan Relf

Seeing Inside
We need to be able to see inside software to know its working ok. Any inspection has a cost. We should be as concise & low impact as possible.

Metrics with Metadata
One solution that I’ve seen used with great success is a log document that’s like a “metric with metadata”. If there’s one thing to take away from today it’s this phrase.

Jonathan Relf
@jonathanrelf

1 / 39

Resources

The following resources were mentioned during the presentation or are useful additional information.

Using Elasticsearch to Detect Signs of Ransomware like WannaCry

This is the blog I was referring to last night where they were able to determine the path of infection from a virus or ransomware attack. This doesn't include the Graph visualisation I referred to.

Buzz and feedback

Here’s what was said about this presentation on social media.

In the speaker spotlight today is @jbjon who will be discussing '#Elasticsearch: Mining metrics from logs' at our meetup THIS THURSDAY!👍 Head over to the #meetup page to RSVP now ▶️▶️https://t.co/e0GCDBUuD6 pic.twitter.com/vzBc5CNiaz
— Stoke On Tech (@StokeOnTech_) October 16, 2018
What a great event! Big thank you to everyone who attended last night😁
One of our best turn outs yet...also a HUGE thank you to our speakers @mattsatongar and @jbjon 🙌🍕 There was definitely no pizza left over this morning😛 #Stoke #Meetup #FutureTech #ElasticSearch pic.twitter.com/sonh7HUqeM
— Stoke On Tech (@StokeOnTech_) October 19, 2018
Really enjoyed @StokeOnTech last night, organised by @OCCRecruitment. Two great talks from @jbjon and @mattsatongar. Thanks also to @wavemakerstoke for the wonderful venue. #Stoke #Meetup #futuretech #Elasticsearch https://t.co/2qzdolyUAj
— Tom Brookshaw (@tombrookshawOCC) October 19, 2018
Great. Was a good explanation. I'm the embedded software guy. My main problem with devops is often the introductory stuff is completely opaque. We're still not using C11 as an industry, so devops being less than a decade old is hard to sell.
— Tactical Carly Rae Jepsen stan account for men (@peterdroberts) October 19, 2018

Elasticsearch: Mining Metrics from Logs

ELASTICSEARCH: MINING METRICS FROM LOGS

About Commify

Title Slide

Seeing Inside

The Power of Logs

The Trouble with Logs

The Power of Metrics

The Trouble with Metrics

Initial reaction to metrics

The start of metrics at Esendex

'Pulse'

'Pulse' - zoomed

Shifting balance

Elastic Stack

Centralised Logging

Metrics with Metadata

Json Log documents

Correlations: 15 minute snapshot

Sample Metrics

Sample Metics - zoomed

Drilling down

Drilling down - zoomed

Kibana in action

Visualisation drill-downs

Dashboards

Using Elasticsearch with Grafana

Challenges

Next Steps

Timelion

Timelion screenshot

Machine Learning

Machine Learning screenshot

Elastic Stack benefits

Metrics with metadata proposition

Elastic Stack power

Additional X-Pack benefits

Summary

Questions?

About Me

Link for this presentation:

HTML code for embedding:

Share on social media:

Using Elasticsearch to Detect Signs of Ransomware like WannaCry