ChatOps | Alerting to Slack

groovy-logo-mediumOne of the less used features of Logscape, is the groovy script action when alerting. Despite how powerful this feature is, it’s often left by the wayside. Today we’re going to walk through using the groovy event to log the alerts to a channel on your slack server. Continue reading

Analysing and Visualising NYC 311 complaints

In this blog post we’re going to be looking at what some people might call “big” data. No that doesn’t mean big in the conventional sense, it means big in the sense that the single file dataset is 10 Gb in size, and I wanted to make a “big data” pun.

The data in question is a record of NYC’s 311 complaints since 2010, the 6th most popular dataset on the opendata website. “311” is a complaints hotline in NYC, for those interested in following along or investigating the data themselves, it is freely available from the open data website.

Today we’re going to cover

  • Creating a data source and importing the data
  • First look at the data to determine interesting fields
  • Some basic visualisations of the data.

Continue reading

Visualizing UK accident data with Logscape

In my ever onward quest to show to the world how easy it is to get up and started with Logscape, today I’m going to use a Logscape docker container in order to build visualisations based off some publicly available CSV files in no time at all. If you’ve never used the Logscape docker image, then check out my previous blog.

Today we’re going to be analysing data made available via the gov.uk website, which offers statistics for crashes in the UK for the year of 2015. The specific dataset is available for download here.

Continue reading

30 Seconds of reading, hours of watching – 10 monitoring talks everyone should see

Here at Logscape it should go without saying that monitoring is sort of a big deal. Some would even go as far as to say it’s even our “thing”. To go with that we’ve collated a collection, of what we think might be the best 10 monitoring talks people should watch. Regardless of whether you’re looking to implement a logging tool, build your own or are just a developer, these talks are worth the time.

Continue reading

Failover: Keeping your Environment alive!

Why Everything I Have Is Broken

Computers break… it’s a fact of life! Sometimes it’s a nice quick fix, such as the one cunningly suggested by Randall Munroe. Sometimes it can take hours of trawling through logs. Regardless of the reason, in an ideal world,you want to fix the problem as soon as possible; but the next best thing is to have a Failover – another server that works just as well!

In a Logscape environment, your Management agent is the central point of your environment. It controls alerts, provides users access and runs the entire system: without it, you have nothing. So how do you make sure that your environment is resilient against a Management Agent failure? Simple… you add another one!

The recent 3.2 Logscape release has added new and improved Failover capabilities, making it easier to provide a seamless environment for your users. Having recently implemented this feature in my environment, I thought I’d share with you both the benefits – and the possible pitfalls – of installing this useful bit of kit.

You will need:

  • An existing Logscape Environment with a subscription (Failover is not supported without a license) running at least version 3.2.
  • A server you wish to make your new Failover Agent.
  • A little bit of understanding about ports
  • A pinch of bravery.

Continue reading

Native JSON Support

json_bumper.sh-600x600Working with JSON in Logscape 3.2

Logscape 3.2 introduced native JSON support, meaning that when working with JSON data there’s no need for datatypes, instead Logscape automatically pulls the keys from your structure.

This removes the sometimes daunting configuration step, and instead lets you get straight down to business with visualising your data. With that in mind, today we’re going to be embracing our inner geek, and get to work visualising some JSON from the game EvE Online™.


 

Continue reading

Logscape 3.2 Touches Down

ssksLVBLogscape version 3.2 is now available for public download, you can get it now from the Logscape Website.

A brief rundown of Logscape 3.2 brings with it, and what we’re going to cover today…

  • File Explorer
  • JSON Support (Including JSON Arrays)
  • Failover Overhaul
  • Performance and Stability Changes

 


 

Continue reading

Converting Splunk Searches into Logscape

universal_converter_boxConverting Splunk searches into Logscape

Logscape and Splunk share a lot of overlap, and there is one question we get asked quite often by people looking to migrate from Splunk to Logscape.

 How do we convert Splunk searches and Workspaces into Logscape?

Unfortunately, there’s no magic cure or just click here style solution. Fortunately it is significantly easier than you think.

We’re going to cover converting Splunk searches into their Logscape equivalent.

Continue reading

boot.properties – 5 hints for Logscape Environments

A Logscape Agents is incredibly powerful: it might be a Forwarder shipping data or an IndexStore receiving it. It might even be a Management Agent providing the web front end. Regardless of what it may become, they all start from the boot.properties file. This small, innocuous looking file sitting in the Logscape folder is what makes the difference between a powerful, resource consuming Manager and a small, lightweight forwarder. Here are 5 useful tips for dealing with this file. Continue reading

Advanced data analytics and use-cases in Logscape

Introduction
self_descriptionLogscape Analytics’ are incredibly powerful, however, are you using them to their full potential? In this blog post we’re going to go over some of the less used analytics, show you how to use them, and hopefully inspire you to use your Logscape instance in new and exciting ways. So, without further ado let’s get into some searches. Continue reading