16
Gaining Operational Insights out of your logs Kobi Biton, Solutions Architect

Gaining Operational Insights out of Your Logs

Embed Size (px)

Citation preview

Page 1: Gaining Operational Insights out of Your Logs

Gaining Operational Insights out of your logs

Kobi Biton, Solutions Architect

Page 2: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Agenda

• Common Log sources on AWS• Loading Streaming data into Amazon

Elasticsearch Service• Demo: Real world scenario

Page 3: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

We want to turn this…

{"eventTime": "2016-06-06T09:59:55Z","eventSource": "signin.amazonaws.com","eventName": "ConsoleLogin","awsRegion": "us-east-1","sourceIPAddress": ”169.254.169.254","userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:38.0)

Gecko/20100101 Firefox/38.0",

"errorMessage": "Failed authentication","requestParameters": null,"responseElements": {

"ConsoleLogin": "Failure"},"additionalEventData": {

"LoginTo": "SomeInfo""MFAUsed": "Yes"

},{...}

Page 4: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Into this…

Page 5: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

And then optionally this…

Amazon SNS

Topic

AWS Lambda

CloudwatchLogs

Alarms

Page 6: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Common Log Sources

• Amazon Cloudfront access logs , S3 server access logs

• Elastic Load Balancer access logs• AWS Cloudtrail , VPC Flow Logs• Amazon SNS notifications• Amazon EC2 OS Logs / Custom application

logs

Page 7: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Loading Streaming Data Into Amazon Elasticsearch Service

Page 8: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

From Amazon S3

Amazon ESDomain

AWS Lambda

ELB Logs

Cloudfront Access Logs

S3 Access Logs

S3

Page 9: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

AWS Cloudtrail

VPC Flow Logs

CloudwatchLogs

Amazon ESDomain

AWS Lambda

From Amazon Cloudwatch Logs

Cloudwatch Alarms

Page 10: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Kinesis FirehoseAgent

Amazon Kinesis

Firehose

Amazon ESDomain

Via Amazon Kinesis Firehose

Page 11: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

LogstashAgent

Log Objects

Amazon ESDomain

Via Logstash Agent

Page 12: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

DEMO

Page 13: Gaining Operational Insights out of Your Logs
Page 14: Gaining Operational Insights out of Your Logs

[email protected]

Page 15: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Appendix

Page 16: Gaining Operational Insights out of Your Logs

© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Useful Links:

• https://docs.aws.amazon.com/elasticsearch-service/latest/developerguide/es-aws-integrations.html

• https://github.com/awslabs/cloudwatch-logs-subscription-consumer/tree/master/configuration/kibana

• https://docs.aws.amazon.com/firehose/latest/dev/writing-with-agents.html• https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/Su

bscriptions.html• https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/M

onitoringLogData.html


Micromax Momentum Gaining

Micromax Momentum Gaining

Documents
COSA SONO I LOGS GEOFISICI IN FORO - geostudiastier.it · COSA SONO I LOGS GEOFISICI IN FORO Logs geofisici in foro: la fase di acquisizione (1) I Carotaggi geofisici, o Logs, o diagrafie

COSA SONO I LOGS GEOFISICI IN FORO - geostudiastier.it · COSA SONO I LOGS GEOFISICI IN FORO Logs geofisici in foro: la fase di acquisizione (1) I Carotaggi geofisici, o Logs, o diagrafie

Documents
Nodeb Logs

Nodeb Logs

Documents
Increasing output and gaining portfolio transparency · PDF fileIncreasing output and gaining portfolio transparency ... on time delivery KPI declined ... Increasing output and gaining

Increasing output and gaining portfolio transparency · PDF fileIncreasing output and gaining portfolio transparency ... on time delivery KPI declined ... Increasing output and gaining

Documents
Insight gaining from OLAP queries via data movies

Insight gaining from OLAP queries via data movies

Documents
Learning Insights 2014 - 10 Insights To Transform Learning

Learning Insights 2014 - 10 Insights To Transform Learning

Business
Apache+ q logs

Apache+ q logs

Technology
4.6 Porosity logs

4.6 Porosity logs

Documents
Logs Sesión 0001

Logs Sesión 0001

Documents
center line logs 2

center line logs 2

Documents
Quy trinh-marketing-insights, quy trình marketing insights

Quy trinh-marketing-insights, quy trình marketing insights

Business
DE INSIGHTS DISCOVERY KLEUREN INSIGHTS DISCOVERY

DE INSIGHTS DISCOVERY KLEUREN INSIGHTS DISCOVERY

Documents
ITI7 Programación Web...t olinware0 IENTAS LIPGOP clirectc Escribe aquí para buscar XAMPPControl 5th 2019] XAMPP Control Panel v3.2.4 Logs Logs Logs Logs Help 09.15 p. m

ITI7 Programación Web...t olinware0 IENTAS LIPGOP clirectc Escribe aquí para buscar XAMPPControl 5th 2019] XAMPP Control Panel v3.2.4 Logs Logs Logs Logs Help 09.15 p. m

Documents
Curso Avanzado Seguridad Logs

Curso Avanzado Seguridad Logs

Documents
Centralización de Logs: Presentación

Centralización de Logs: Presentación

Documents
Langevin Visitor Logs

Langevin Visitor Logs

Documents
4.4 Resistivity logs and Induction logs

4.4 Resistivity logs and Induction logs

Documents
Études des logs de la centrale de Sisteron - Stage ... · logs de la centrale de Sisteron S.Gassmann Logs Etudes Reconnaissance des cycles Corrections Conclusions Etudes des logs

Études des logs de la centrale de Sisteron - Stage ... · logs de la centrale de Sisteron S.Gassmann Logs Etudes Reconnaissance des cycles Corrections Conclusions Etudes des logs

Documents
Greece National Export Strategy gaining international competitiveness

Greece National Export Strategy gaining international competitiveness

Documents
GAINING EXPERIENCE MOVING FORWARD · GAINING EXPERIENCE MOVING FORWARD Thai Stanley Electric Public Company Limited. บริษัท ไทยสแตนเลย การไฟฟ

GAINING EXPERIENCE MOVING FORWARD · GAINING EXPERIENCE MOVING FORWARD Thai Stanley Electric Public Company Limited. บริษัท ไทยสแตนเลย การไฟฟ

Documents
Reportes de Insights & Tendencias: Mega-Insights

Reportes de Insights & Tendencias: Mega-Insights

Business
Gaining Political Mileage. Getting the Message Right

Gaining Political Mileage. Getting the Message Right

Health & Medicine
Insights Discovery Grafiken. Die Insights Farb-Grafiken

Insights Discovery Grafiken. Die Insights Farb-Grafiken

Documents
Centralización de logs

Centralización de logs

Documents
Ways for Gaining Rewards

Ways for Gaining Rewards

Spiritual
Centralização de Logs

Centralização de Logs

Documents
KrólewnaŚnieżka - INSIGHTS POLSKA Sp. z o.o. | INSIGHTS

KrólewnaŚnieżka - INSIGHTS POLSKA Sp. z o.o. | INSIGHTS

Documents
N1052F Logs - aso.com

N1052F Logs - aso.com

Documents
Gestion des fichiers LOgs

Gestion des fichiers LOgs

Documents
Gaining Consumer Insights- Marketing Research in India 24[1]

Gaining Consumer Insights- Marketing Research in India 24[1]

Documents