I recently took part in the GCP Podcast, along with my colleague Oscar Guerrero. On the podcast we spoke about Audit Logging, which is a critical security feature of GCP.
Be sure to check out the podcast episode.
This is a post following up on my Monitorama Baltimore 2019 talk.
Logging and Monitoring systems — Observability Systems, if you prefer — often seem to struggle to meet the needs of their users.
It was great to speak at devopsdays in Galway. I really enjoyed bringing my recent Monitorama 2019 talk to my home town.
A video of the talk has now been posted.
I will be joining my colleague from Google, Nathen Harvey, to speak in Galway at devopsdays on November 18th and 19th.
I’m really looking forward to returning to my home town, and bringing my Monitorama Baltimore 2019 talk to the conference.
Monitorama Baltimore 2019 was a great experience, and I really enjoyed the opportunity to speak.
I spoke about why Observability and Monitoring systems struggle to meet their goals, and why they are so hard to build.
The slides and video of the talk are now available.
A new version of Ekanite, the syslog server with built-in search, has been released. v1.3.0 includes some bug fixes, including to shard management. It also moves Ekanite to Go 1.9.
You can download v1.3.0 from the GitHub releases page.
A new version of Ekanite, the syslog server with built-in search, has been released. v1.2.3 includes a fix to the diagnostic output.
You can download v1.2.3 from the GitHub releases page.
A new version of Ekanite, the syslog server with built-in search, has been released. v1.2.1 includes a very important bug fix, for an issue that affected TCP operation.
You can download v1.2.1 from the GitHub releases page.
A new version of Ekanite, the syslog server with built-in search, has been released. v1.2.0 includes some minor fixes and improvements.
You can download v1.2.0 from the GitHub releases page.
A new version of Ekanite, the syslog server with built-in search, has been released. v1.1.0 includes an important bug fix related to TCP connection handling, as well as some other minor fixes and improvements.
You can download v1.1.0 from the GitHub releases page.
Ekanite is an open-source Syslog server with built-in log search. Thanks to some nice work by Fabian Zaremba, Ekanite now supports searching your logs via a browser.
If you’d like to understand more about the design and development of Ekanite, check out this series of posts.
It’s been 18 months since the first commit to my first significant Go project — syslog-gollector. After an initial burst of activity to create a functional Syslog Collector that streamed to Apache Kafka, the source code hadn’t been updated much since. But today I received a report that it no longer built, so I spent some time porting the code to the latest Shopify Sarama framework.
It was amusing to see how naive much of my early Go code was.
This is the last part of a 3-part series “Designing and building a search system for log data”. Be sure to check out part 1 and part 2.
In the last post we examined the design and implementation of Ekanite, a system for indexing log data, and making that data available for search in near-real-time. In this final post let’s see Ekanite in action.
This is the second part of a 3-part series “Designing and building a search system for log data”. Be sure to check out part 1. Part 3 follows this post.
In the previous post I outlined some of the high-level requirements for a system that indexes log data, and makes that data available for search, all in near-real-time. Satisfying these requirements involves making trade-offs, and sometimes there are no easy answers.
This is the first part of a 3-part series “Designing and building a search system for log data”. Part 2 is here, and part 3 is here.
For the past few years, I’ve been building indexing and search systems, for various types of data, and often at scale. It’s fascinating work — only at scale does O(n) really come alive. Developing embedded systems teaches you how computers really work, but working on search systems and databases teaches you that algorithms really do matter.
I’ve started coding in Go (golang), and I received some advice recently from Robert Griesemer, whom I was fortunate enough to sit beside at a recent Go Meetup. To learn Go, Robert suggested that I code a solution in Go for a problem I had previously solved in a different language.
AWS have posted the video online of Jim Nisbet’s and my talk at AWS:reinvent 2013. In it, Jim and I describe the system we built at Loggly, which uses Apache Kafka, Twitter Storm, and elasticsearch, to build a high-performance log aggregation and analytics SaaS solution, running on AWS EC2.
After 14 months of hard work, the next generation of Loggly has been released. It’s been a great time to be part of the Software Infrastructure team at Loggly and we have put together a superb log aggregation & real-time analytics platform.
We used a combination of custom log Collectors, Apache Kafka, Twitter Storm, ElasticSearch, and lots of secret sauce. You can find more details about the technology stack from my Loggly blog post.
I recently wrote my first post for the Loggly blog. It illustrates why host machines are often the worst place to store the logs those machines are generating.
You can check it out here.