Click here to close now.

Welcome!

Microservices Journal Authors: Liz McMillan, Elizabeth White, Pat Romanski, Carmen Gonzalez, XebiaLabs Blog

Related Topics: Microservices Journal, Java, Web 2.0

Microservices Journal: Blog Post

Why Creating Real-time Dashboards from Your Log Data Is a No-Brainer

Using log data visualizations to understand performance and usage

I recently came across a blog post on OpenOpsIQ asking the question: "With the introduction of real-time logging, why cant we have a single solution for monitoring the entire stack?" In my opinion, you can! As we have seen lately from a survey we carried out across a sample of the Logentries' 25,000+ user base, organizations are starting to apply logs for a wider range of use cases. So why would you do this, and why does using log data to create real-time dashboards for different views into your system make so much sense?

Here's a few reasons why I think creating dashboards from your logs is what I like to call a ‘no-brainer':

  • Logs already contain valuable data on your systems. Before you add any log events from your applications, your system components (operating systems, web servers, application servers, databases, load balancers, routers, firewalls etc.) already produce log data that contain valuable information on performance, response time, who is accessing your system & from where etc. Adding your own log events into the mix from your software applications can give you the entire picture, but there's already a lot for free that you should really take advantage of.
  • Adding new log events is easy peasy - i.e. they scale if you need to add more data, and adding them doesn't require some complex library integration. Simply add a few well structured log events to your logs to get more insights into your system, e.g. add a new feature, then add some log events that capture its usage at an individual user level for example. Then simply track these events to understand if, when and how that new feature is being used after its release. Some tips on how to better structure your log events can be found in this great post by Ryan Daigle entitled "5 steps to better application logging."
  • Logs are decoupled from your system: One of the beautiful simplicities of using yourlogs as data, is that your system does not end up being tightly coupled with your APM tool or web analytics solution. What do I mean by tightly coupled? Well if you are using an APM tool for example you generally have to integrate their monitoring libraries or agents into your system so that it is instrumented and the APM tool can start to capture some system traces, performance metrics and resource usage information for example. This can not only impact your application performance but also means that your application is essentially locked into using this solution unless you are prepared to rip out the library from your application code. With logs, this isn't the case. You simply log your events to disk, or syslog for example, and then you can use a log management solution to extract and visualize the important data. If you decide you don't like your logging provider you can simply send your logs to another service or solution, without the need to rip out any libraires or interfere with your application source code.
  • Logs can visualize whatever data you add into them: With log data you are only really limited by your imagination - what you use them for really depends on what you put into them. Internally at Logentries, a few things we use our logs for include tracking user sign-ups and feature usage, identifying performance threshold breaches, understanding system resource usage, tracking marketing campaigns via pixel tracking, visualizing total $$$ sales per day ... the list goes on...
  • Logs can be generated from every component and device in your stack: Logs can be used to give a complete end-to-end view of your system and are generally produced by every component in all layers of your stack. I recently wrote a blog post on how logs are particularly useful when trying to get visibility into cloud components that can otherwise be considered as black boxes - in short, the blog outlines how cloud services, that you can not instrument with traditional APM solutions, produce log data that you can be used to get visibility into those cloud components and services. Furthermore, you can now also capture logs from your users' web browsers, or mobile devices in real time that give true end-to-end visibility of your application from the client device, though your middleware components and all the way to the database - so that you can also track events through complex stacks.
  • Logs maintain the evidence: Finally, and most important of all in my opinion, is that dashboards based on log data have an important property that does not exist when creating dashboards with many other approaches - i.e. your logs maintain the evidence! This means that if there is a spike in the number of signups or an increase in your customers' using a particular feature, you can quickly validate what caused that change. Validating your data is something that can be particularly painstaking when using APM, web analytics tools or home grown metrics dashboards.

When trying to validate metrics with other monitoring approaches the process usually goes as follows:

  1. you see a sudden spike in one of your metrics, for example signups are up 200% from yesterday.
  2. knowing that there is no such thing as a free lunch, and the fact you didn't kick off any new marketing campaigns recently, you wonder how signups could have increased in this way?
  3. you ask one of your developers, who is responsible for building your home grown metrics dashboard, to check this out and figure out what was responsible for the change.
  4. the developer is pretty busy and comes back a day or two later, after checking the code and one or two databases, explaining that you've been spammed and that the increase in signups was a result of some spammer signing up for a bunch of accounts
  5. you knew there was no such thing as a free lunch :) but it's two days later and you feel a little frustrated having to wait so long for an answer

If you've created your dashboard from your logs the process looks more like this:

  1. you see a sudden spike in one of your metrics, for example signups are up 200% from yesterday
  2. knowing that there is no such thing as a free lunch, and the fact you didn't kick off any new marketing campaigns recently, you click on the spike to drill down into the log data (i.e. the evidence) and look at the list of people who signed up today - and you immediately see the same email address pattern over and over again and you see that someone has been spamming you - QED :)Log Data Insights

Given the above, I am really pleased to announce our new real-time visualizations that are available out of the box when you use Logentries. Our new Log Insights provide a real-time dashboard with a high level view into important events that are occurring in your system. A few of the benefits include:

  • No Search required: Our new dashboard is available out of the box and requires no setup or requirement to run complex search queries on your data. It gives you an immediate view on important trending events and data volumes from your different systems.
  • Track event volume and identify trends in important events: The dashboards show volume of data from your different components, the distribution of these events over time, as well as how important events you have tagged are trending across your systems.
  • Drill down to view the evidence: The dashboards are completely clickable - so you can drill down into your logs to validate any spikes or trends in your data. Spikes and trends can be easily identified such that you can easily dig into these to better understand their root cause.
  • Share insights across your team(s): Because they have been designed to be easy-to-use and do not require complex search queries to build, the dashboards can be used to easily share insights related to your systems across different teams in your organization such as development, test, support, devops, product...and more. As I said above this is really only limited by what data you capture in your logs.

As always looking forward to your feedback on our latest feature - so do let us know what you think! or hit us up on twitter @logentries.

 

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@MicroservicesExpo Stories
SYS-CON Events announced today that Cisco, the worldwide leader in IT that transforms how people connect, communicate and collaborate, has been named “Gold Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cisco makes amazing things happen by connecting the unconnected. Cisco has shaped the future of the Internet by becoming the worldwide leader in transforming how people connect, communicate and collaborat...
SYS-CON Events announced today that Open Data Centers (ODC), a carrier-neutral colocation provider, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Open Data Centers is a carrier-neutral data center operator in New Jersey and New York City offering alternative connectivity options for carriers, service providers and enterprise customers.
SYS-CON Events announced today that kintone has been named “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY, and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. kintone promotes cloud-based workgroup productivity, transparency and profitability with a seamless collaboration space, build your own business applic...
SYS-CON Events announced today that Akana, formerly SOA Software, has been named “Bronze Sponsor” of SYS-CON's 16th International Cloud Expo® New York, which will take place June 9-11, 2015, at the Javits Center in New York City, NY. Akana’s comprehensive suite of API Management, API Security, Integrated SOA Governance, and Cloud Integration solutions helps businesses accelerate digital transformation by securely extending their reach across multiple channels – mobile, cloud and Internet of Thi...
The 5th International DevOps Summit, co-located with 17th International Cloud Expo – being held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA – announces that its Call for Papers is open. Born out of proven success in agile development, cloud computing, and process automation, DevOps is a macro trend you cannot afford to miss. From showcase success stories from early adopters and web-scale businesses, DevOps is expanding to organizations of all sizes, including the...
SYS-CON Events announced today that StorPool Storage will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. StorPool is distributed storage software that allows service providers, enterprises and other cloud builders to run data storage on standard x86 servers, instead of using expensive and inefficient storage arrays (SAN).
SYS-CON Events announced today that Site24x7, the cloud infrastructure monitoring service, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Site24x7 is a cloud infrastructure monitoring service that helps monitor the uptime and performance of websites, online applications, servers, mobile websites and custom APIs. The monitoring is done from 50+ locations across the world and from various wireless carr...
SYS-CON Events announced today that B2Cloud, a provider of enterprise resource planning software, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. B2cloud develops the software you need. They have the ideal tools to help you work with your clients. B2Cloud’s main solutions include AGIS – ERP, CLOHC, AGIS – Invoice, and IZUM
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists will discuss how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations m...
How do you securely enable access to your applications in AWS without exposing any attack surfaces? The answer is usually very complicated because application environments morph over time in response to growing requirements from your employee base, your partners and your customers. In his session at 16th Cloud Expo, Haseeb Budhani, CEO and Co-founder of Soha, will share five common approaches that DevOps teams follow to secure access to applications deployed in AWS, Azure, etc., and the frict...
of cloud, colocation, managed services and disaster recovery solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. TierPoint, LLC, is a leading national provider of information technology and data center services, including cloud, colocation, disaster recovery and managed IT services, with corporate headquarters in St. Louis, MO. TierPoint was formed through the strategic combination of some of t...
SYS-CON Events announced today that Soha will exhibit at SYS-CON's DevOps Summit New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Soha delivers enterprise-grade application security, on any device, as agile as the cloud. This turnkey, cloud-based service enables customers to solve secure application access and delivery challenges that traditional or virtualized network solutions cannot solve because they are too expensive, inflexible and operational...
There's a real buzz about microservices and containers in the application development and DevOps communities, and of course these are topics we've been talking about a great deal lately here at XebiaLabs too. Microservices and containers offer many attractive features, not least the potential for enhanced flexibility, and a robust architecture based on best-fit services. What we at XebiaLabs are really interested in is how organizations can effectively deliver microservices-based apps to bett...
SYS-CON Events announced today that Vicom Computer Services, Inc., a provider of technology and service solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. They are located at booth #427. Vicom Computer Services, Inc. is a progressive leader in the technology industry for over 30 years. Headquartered in the NY Metropolitan area. Vicom provides products and services based on today’s requirements...
SYS-CON Events announced today that Tufin, the market-leading provider of Security Policy Orchestration Solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. As the market leader of Security Policy Orchestration, Tufin automates and accelerates network configuration changes while maintaining security and compliance. Tufin's award-winning Orchestration Suite™ gives IT organizations the power and a...
Today, the demand for new applications is growing at an unprecedented rate throughout lines of business and across industries. Customer expectations for mobile and e-commerce capabilities are transforming software development speed and quality into a competitive differentiator for even the most unlikely businesses. For existing software development shops, the proliferation of platforms, increasing need for total global uptime, and accelerating pace of industry disruption by fast-paced startups h...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY., and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. MangoApps provides private all-in-one social intranets allowing workers to securely collaborate from anywhere in the world and from any device. Social, mobile, and eas...
SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cloudian, Inc., is a Foster City, California - based software company specializing in cloud storage software. The main product is Cloudian, an Amazon S3-compliant cloud object storage platform, the bedrock of cloud computing systems, that enables c...
Change becomes the central principle of today’s enterprises, and thus business agility becomes the most important characteristic our organizations must exhibit. Agile Architecture lays out a best practice approach for achieving this agility – and thus drives and coordinates the other revolutions, as both digital and DevOps are about being able to deal with change better as well.
Thought experiment: let’s say your app gets a message from somewhere, perhaps from another app, but you don’t know from where. The message contains the number 47 but no other information. What should your app do with the message? The answer: nothing. There’s no way for your app to make any sense out of a single datum with no context, no additional information or metadata about the datum itself. Now, let’s scale up this thought experiment to a data lake. There are a few common definitions o...