 |
 |
Hi Jacek, On last Friday, I've talk with CC-IN2P3 monitoring expert, here's a summary: - Standard de facto is ELK (ElasticSearch, Logstash, Kibana), which is a splunk-like open-source software. But in2p3 sysadmin recommends to use syslog-ng instead of LogStash, because it is ten times faster and it can support high load. - Good practive is to produce structured log (i.e. JSON format for example). This allows not to write/maintain fragile and complex log parsing ruels (which may break each time a developer change a log message). JSON key are not normalized yet, but splunk format can be used: http://docs.splunk.com/Documentation/CIM/latest/User/Overview Task to do: - add a JSON appender to Qserv(/xrootd?) logger - install/configure a virtual machine ccqserv-mon with ElasticSearch and Kibana, - install/configure syslog-ng on all cc-in2p3 Qserv cluster Shall we create new tickets in epic DM-1823 (Design and implement monitoring tool for Qserv)? Cheers, Fabrice ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the QSERV-L list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=QSERV-L&A=1