One of the less used features of Logscape, is the groovy script action when alerting. Despite how powerful this feature is, it’s often left by the wayside. Today we’re going to walk through using the groovy event to log the alerts to a channel on your slack server. Continue reading
In this blog post we’re going to be looking at what some people might call “big” data. No that doesn’t mean big in the conventional sense, it means big in the sense that the single file dataset is 10 Gb in size, and I wanted to make a “big data” pun.
The data in question is a record of NYC’s 311 complaints since 2010, the 6th most popular dataset on the opendata website. “311” is a complaints hotline in NYC, for those interested in following along or investigating the data themselves, it is freely available from the open data website.
Today we’re going to cover
- Creating a data source and importing the data
- First look at the data to determine interesting fields
- Some basic visualisations of the data.
In my ever onward quest to show to the world how easy it is to get up and started with Logscape, today I’m going to use a Logscape docker container in order to build visualisations based off some publicly available CSV files in no time at all. If you’ve never used the Logscape docker image, then check out my previous blog.
For a long time, we’ve had the web app available on our app repository – This covers Nginx, Apache and a whole host of other formats, and whilst functional, it hasn’t been touched in a long time, so it looks a little bit less than pretty.
Given the popularity of Apache and NGINX, and the fact they both use the same out of the box log format, we’re going to give them a dedicated app, and a brand new look.
We’re hoping this works out for everyone. If you’re currently using the existing web app you can continue to do so. But if you’re specifically running NGINX or Apache, and want a change of pace, then read on.
It’s finally that day, Logscape is now on docker hub. As such I’m going to be walking you through the process of getting Logscape running, and once you’ve got the hang of it, you’ll be able to download, run and start using Logscape all within 60 seconds. Monitoring in a heart beat. Continue reading
Congratulations! You finally have the go ahead from Management to expand your Logscape environment. You need to scale up from a few test machines to a larger environment. Unfortunately, you ran your proof of concept from Steve’s Dev machine. Or perhaps you underestimated the volume of data and urgently need faster disks to improve performance. You’re going to need to migrate your Logscape Manager to a new server, which is precisely why you’re reading this guide…
Preparation – What you will need:
Source Manager: The manager you are migrating from.
Target Manager: The manager you are migrating to.
LDAP Credentials (Optional but recommended)
SSL Certificates and Credentials (Optional but recommended)
Make sure that you are running the same version of Logscape on the Source and Target – as always we recommend using the latest version.
The following guide assumes you are using 3.1 or greater – if not, upgrade to 3.1 before you start.
Computers break… it’s a fact of life! Sometimes it’s a nice quick fix, such as the one cunningly suggested by Randall Munroe. Sometimes it can take hours of trawling through logs. Regardless of the reason, in an ideal world,you want to fix the problem as soon as possible; but the next best thing is to have a Failover – another server that works just as well!
In a Logscape environment, your Management agent is the central point of your environment. It controls alerts, provides users access and runs the entire system: without it, you have nothing. So how do you make sure that your environment is resilient against a Management Agent failure? Simple… you add another one!
The recent 3.2 Logscape release has added new and improved Failover capabilities, making it easier to provide a seamless environment for your users. Having recently implemented this feature in my environment, I thought I’d share with you both the benefits – and the possible pitfalls – of installing this useful bit of kit.
You will need:
- An existing Logscape Environment with a subscription (Failover is not supported without a license) running at least version 3.2.
- A server you wish to make your new Failover Agent.
- A little bit of understanding about ports
- A pinch of bravery.
A Logscape Agents is incredibly powerful: it might be a Forwarder shipping data or an IndexStore receiving it. It might even be a Management Agent providing the web front end. Regardless of what it may become, they all start from the boot.properties file. This small, innocuous looking file sitting in the Logscape folder is what makes the difference between a powerful, resource consuming Manager and a small, lightweight forwarder. Here are 5 useful tips for dealing with this file. Continue reading